Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionCVE.org
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IniLerm Advanced IP Blocker advanced-ip-blocker allows DOM-Based XSS.This issue affects Advanced IP Blocker: from n/a through <= 8.10.7.
AnalysisAI
DOM-based cross-site scripting in the Advanced IP Blocker WordPress plugin (IniLerm) affects all versions from initial release through 8.10.7, letting an unauthenticated remote attacker execute arbitrary JavaScript in a victim's browser when that victim is lured into triggering crafted input. Because the CVSS scope is marked changed (S:C), the injected script can affect resources beyond the vulnerable component, though confidentiality, integrity, and availability impacts are each rated low. There is no public exploit identified at time of analysis, and EPSS exploitation probability is negligible at 0.03% (10th percentile).
Technical ContextAI
Advanced IP Blocker is a WordPress plugin used to block or restrict site access by IP address. The flaw is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), specifically the DOM-based variant, meaning untrusted data flows into a client-side sink (e.g., document write, innerHTML, or a JavaScript-driven page element) without proper neutralization, so the malicious payload is assembled and executed entirely in the browser rather than reflected by the server. As a WordPress plugin, the affected surface is the plugin's pages or admin/front-end interface rendered in the WordPress environment; the exact vulnerable parameter and sink are not detailed in the provided data. The CVSS vector (AV:N/UI:R) indicates the payload is delivered over the network but requires a user to interact with attacker-controlled content for the script to fire.
RemediationAI
No vendor-released patch identified at time of analysis - the provided data lists affected versions through 8.10.7 but does not specify a fixed release, so administrators should consult the Patchstack advisory (https://patchstack.com/database/Wordpress/Plugin/advanced-ip-blocker/vulnerability/wordpress-advanced-ip-blocker-plugin-8-10-7-cross-site-scripting-xss-vulnerability) and the plugin's WordPress.org listing for an update newer than 8.10.7 and apply it as soon as one is published. As compensating controls until a patched version is available: deactivate and remove the Advanced IP Blocker plugin if its IP-blocking function can be served by another mechanism (trade-off: loss of IP-blocking capability); deploy a Web Application Firewall or WordPress security plugin (e.g., Patchstack's own vPatch, Wordfence) with an XSS ruleset to filter malicious payloads targeting the plugin's parameters (trade-off: rules may not cover the specific DOM sink and require tuning); and restrict access to the plugin's pages to trusted, authenticated administrators via access controls to shrink the pool of users who can be lured into triggering the payload (trade-off: reduces convenience and does not eliminate risk for those users).
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-32191
GHSA-p4rc-j472-qjfr