CVE-2024-13888

High CVSS: 7.2

The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supplied via the 'redirect' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

Vendor

Amauri

Product

Wpmobile.app

CWE

CWE-601

Yayın Tarihi

2025-02-20 09:15:09

Güncelleme

2025-02-25 20:39:44

Source Identifier

security@wordfence.com

KEV Date Added

Kategoriler

CWE-601 Wpmobile.app HIGH Amauri 2025

Referanslar

https://plugins.trac.wordpress.org/changeset/3243366 https://wordpress.org/plugins/wpappninja/#developers https://www.wordfence.com/threat-intel/vulnerabilities/id/a139f0fc-f3e0-4759-aa8d-ba138e5ccc87?source=cve

Benzer Kayıtlar

Medium

CVE-2026-22809

tarteaucitron.js is a compliant and accessible cookie banner. Prior to 1.29.0, a Regular Expression Denial of Service (R…

Medium

CVE-2025-48939

tarteaucitron.js is a compliant and accessible cookie banner. Prior to version 1.22.0, a vulnerability was identified in…

Medium

CVE-2025-4955

The tarteaucitron.io WordPress plugin before 1.9.5 uses query parameters from YouTube oEmbed URLs without sanitizing the…

Medium

CVE-2025-31138

tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior t…

Medium

CVE-2025-31475

tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior t…

Medium

CVE-2025-31476

tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js, allowi…