Lucene search
K

WordPress AnyComment <0.3.5 - Open Redirect

🗓️ 06 Jul 2026 03:02:03Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 25 Views

WordPress AnyComment <0.3.5 - Open Redirect vulnerability via API endpoin

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2021-24838
17 Jan 202216:23
circl
CNNVD
WordPress plugin AnyComment 输入验证错误漏洞
17 Jan 202200:00
cnnvd
CVE
CVE-2021-24838
17 Jan 202213:00
cve
Cvelist
CVE-2021-24838 AnyComment < 0.3.5 - Open Redirect
17 Jan 202213:00
cvelist
EUVD
EUVD-2021-11750
7 Oct 202500:30
euvd
NVD
CVE-2021-24838
17 Jan 202213:15
nvd
OSV
CVE-2021-24838
17 Jan 202213:15
osv
Patchstack
WordPress AnyComment plugin <= 0.3.4 - Open Redirect vulnerability
20 Dec 202100:00
patchstack
Prion
Open redirect
17 Jan 202213:15
prion
RedhatCVE
CVE-2021-24838
22 May 202518:25
redhatcve
Rows per page
id: CVE-2021-24838

info:
  name: WordPress AnyComment <0.3.5 - Open Redirect
  author: noobexploiter
  severity: medium
  description: |
    WordPress AnyComment plugin before 0.3.5 contains an open redirect vulnerability via an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    An attacker can trick users into visiting a malicious website, leading to potential phishing attacks or the execution of other malicious activities.
  remediation: |
    Update to the latest version of WordPress AnyComment plugin (0.3.5 or higher) to fix the open redirect vulnerability.
  reference:
    - https://wpscan.com/vulnerability/562e81ad-7422-4437-a5b4-fcab9379db82
    - https://nvd.nist.gov/vuln/detail/CVE-2021-24838
    - https://github.com/ARPSyndicate/cvemon
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2021-24838
    cwe-id: CWE-601
    epss-score: 0.02208
    epss-percentile: 0.80422
    cpe: cpe:2.3:a:bologer:anycomment:*:*:*:*:*:wordpress:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: bologer
    product: anycomment
    framework: wordpress
  tags: cve2021,cve,redirect,anycomment,wpscan,wordpress,wp-plugin,bologer,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh"
      - "{{BaseURL}}/wp-json/anycomment/v1/auth/wordpress?redirect=https://interact.sh?a=https://interact.sh"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1

      - type: status
        status:
          - 302
# digest: 490a00463044022030228eb79f5f5fd43dc7cafb281df3b1386bc1c63a0ee019f0271dfb642d43ef02205596cfb4d202a0340a34ff14688cebcdf67a7d1c9afca873e689b759e72ccc46:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 25.8
CVSS 3.16.1
EPSS0.02208
25