CVE-2021-25033

Summary

The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue

Affected Software

VendorProductVersion RangeStatus
UnknownWordPress Newsletter Plugin – Noptin1.6.5 < 1.6.5affected

Weaknesses

  • CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

ADP Enrichment

CVE Program Container

Additional References

References