Lucene search
China National Vulnerability DatabaseCNVD-2022-08356HistoryJan 26, 2022 - 12:00 a.m.
WordPress WebP Converter for Media plugin input validation error vulnerability
2022-01-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
43.5%
WordPress is the WordPress Foundation’s set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.The WordPress plugin WebP Converter for Media prior to version 4.0.3 is vulnerable to an input validation error, which stems from the fact that the WebP Media Converter for Media WordPress plugin contains A file (passthru.php) that does not validate the src parameter before redirecting users can be exploited to cause Open Redirect issues.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress webp converter for media plugin | lt | 4.0.3 |
Related
patchstack
patchstack
prion
prion
Open redirect
2022-01-24 08:15:00
nuclei
nuclei
WordPress WebP Converter for Media < 4.0.3 - Unauthenticated Open Redirect
2022-02-12 16:49:24
cvelist
cvelist
openvas
openvas
wpexploit
wpexploit
WebP Converter for Media < 4.0.3 - Unauthenticated Open redirect
2021-12-27 00:00:00
nvd
nvd
CVE-2021-25074
2022-01-24 08:15:09
wpvulndb
wpvulndb
WebP Converter for Media < 4.0.3 - Unauthenticated Open redirect
2021-12-27 00:00:00
cve
cve
CVE-2021-25074
2022-01-24 08:15:09