Browse all 9 CVE security advisories affecting IP2Location. AI-powered Chinese analysis, POCs, and references for each vulnerability.
IP2Location provides IP geolocation and mapping services for businesses requiring location-based intelligence. Historically, the service has been vulnerable to multiple security issues including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation vulnerabilities in its web applications and APIs. The eight recorded CVEs reveal consistent weaknesses in input validation and access control mechanisms. While no major public security incidents have been documented, the pattern of vulnerabilities suggests potential risks for organizations relying on its data for security enforcement or fraud detection. Users should implement additional security layers when integrating IP2Location services into critical systems.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-1502 | IP2Location Redirection <= 1.33.3 - Missing Authorization to Unauthenticated Settings Export — IP2Location RedirectionCWE-862 | 5.3 | Medium | 2025-03-01 |
This page lists every published CVE security advisory associated with IP2Location. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.