← volver
CVE-2021-25033

Noptin < 1.6.5 - Open Redirect

EPSS 2.7%CWE-601
The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue
Productos afectados
Unknown · WordPress Newsletter Plugin – Noptin

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://plugins.trac.wordpress.org/changeset/2639592https://wpscan.com/vulnerability/c2d2384c-41b9-4aaf-b918-c1cfda58af5c