CVE-2026-1675
Unknown Unknown - Not Provided
Authorization Bypass in Advanced Country Blocker WordPress Plugin

Publication date: 2026-02-07

Last updated on: 2026-04-08

Assigner: Wordfence

Description
The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for unauthenticated attackers to bypass the geolocation blocking mechanism by appending the key to any URL on sites where the administrator has not changed the default value.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-07
Last Modified
2026-04-08
Generated
2026-05-27
AI Q&A
2026-02-07
EPSS Evaluated
2026-05-25
NVD
CVE-2026-1675
EUVD
EUVD-2026-5741
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
advanced_country_blocker advanced_country_blocker to 2.3.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-1188 The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

The Advanced Country Blocker plugin for WordPress has a vulnerability called Authorization Bypass in all versions up to and including 2.3.1. This happens because the plugin uses a predictable default secret bypass key created during installation, and it does not require users to change this key. As a result, unauthenticated attackers can bypass the geolocation blocking mechanism by appending this default key to any URL on affected sites where the administrator has not changed the default key.


How can this vulnerability impact me? :

This vulnerability allows unauthenticated attackers to bypass the geolocation blocking feature of the Advanced Country Blocker plugin. This means that attackers can access parts of a website that are supposed to be restricted based on geographic location, potentially exposing the site to unauthorized access or abuse.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking if the Advanced Country Blocker plugin is installed and running a version up to and including 2.3.1. Additionally, detection involves verifying whether the default secret bypass key has been changed by the administrator.

Since the vulnerability allows bypassing geolocation blocking by appending the predictable secret key to any URL, you can monitor web server logs for requests containing the default bypass key value.

Specific commands are not provided in the available information.


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to change the default secret bypass key created during installation to a unique, unpredictable value.

If possible, update the Advanced Country Blocker plugin to a version later than 2.3.1 where this vulnerability is fixed.

Until the key is changed or the plugin updated, the geolocation blocking mechanism can be bypassed by unauthenticated attackers.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart