CVE-2023-0552

Summary

The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability

Affected Software

VendorProductVersion RangeStatus
UnknownRegistration Forms3.8.1.4 < 3.8.2.3affected

Weaknesses

  • CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References