The Travelpayouts: All Travel Brands in One Place WordPress plugin through 1.1.15 is vulnerable to Open Redirect due to insufficient validation on the travelpayouts_redirect variable. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
Vendor | Product | Version | CPE |
---|---|---|---|
web\-settler | social_feed_\|_all_social_media_in_one_place | * | cpe:2.3:a:web\-settler:social_feed_\|_all_social_media_in_one_place:*:*:*:*:*:*:*:* |