Description
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.
Remediation
References
Related Vulnerabilities
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Scripting (4.1.9)
WordPress Plugin Gutenberg Block Editor Toolkit-EditorsKit Remote Code Execution (1.31.5)
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.8)
WordPress Plugin RSVPMaker SQL Injection (9.2.5)
Oracle Database Server SYS Account privilege issue (CVE-2021-2000)