Description
The command-line cron implementation in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3 does not properly interact with IP blocking, which might allow remote attackers to bypass intended IP address restrictions by leveraging a configuration in which IP blocking was disabled to restore cron functionality.
Remediation
References
Related Vulnerabilities
MySQL CVE-2016-0667 Vulnerability (CVE-2016-0667)
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.22.24)
WordPress Plugin Integration for Contact Form 7 and Pipedrive Cross-Site Scripting (1.0.9)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000410)