CVE-2021-25074
N/A
N/A
Summary
The WebP Converter for Media WordPress plugin before 4.0.3 contains a file (passthru.php) which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | WebP Converter for Media – Convert WebP and AVIF & Optimize Images | 4.0.3 < 4.0.3 | affected |
Weaknesses
- CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.