CVE-2021-25111

English WordPress Admin < 1.5.2 - Unauthenticated Open Redirect

EPSS 1.9%CWE-601

The English WordPress Admin WordPress plugin before 1.5.2 does not validate the admin_custom_language_return_url before redirecting users o it, leading to an open redirect issue

Affected products

Unknown · English WordPress Admin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wpscan.com/vulnerability/af548fab-96c2-4129-b609-e24aad0b1fc4