CVE-2021-25033
N/A
N/A
Summary
The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | WordPress Newsletter Plugin – Noptin | 1.6.5 < 1.6.5 | affected |
Weaknesses
- CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
ADP Enrichment
CVE Program Container
Additional References
- https://wpscan.com/vulnerability/c2d2384c-41b9-4aaf-b918-c1cfda58af5c
- https://plugins.trac.wordpress.org/changeset/2639592
References
- https://wpscan.com/vulnerability/c2d2384c-41b9-4aaf-b918-c1cfda58af5c
- https://plugins.trac.wordpress.org/changeset/2639592
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.