Wordpress plugin Furikake version 0.1.0 is vulnerable to an Open Redirect The furikake-redirect parameter on a page allows for a redirect to an attacker controlled page classes/Furigana.php: header(โlocation:โ.urldecode($_GET[โfurikake-redirectโ]));