`
*CVE-2014-8754 WordPress "Ad-Manager Plugin" Dest Redirect Privilege
Escalation*
Exploit Title: WordPress Ad-Manager Plugin Dest Redirect Privilege
Escalation Vulnerability
Product: WordPress Ad-Manager Plugin
Vendor: CodeCanyon
Vulnerable Versions: 1.1.2
Tested Version: 1.1.2
Advisory Publication: Nov 25, 2014
Latest Update: Nov 25, 2014
Vulnerability Type: URL Redirection to Untrusted Site [CWE-601]
CVE Reference: CVE-2014-8754
CVSS v2 Base Score: 5.8 (MEDIUM) (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Impact Subscore: 4.9
Exploitability Subscore: 8.6
Credit: Wang Jing [SPMS, Nanyang Technological University, Singapore]
*Advisory Details*
*(1) Product:*
"WordPress Ad-Manager offers users a simple solution to implement
advertising into their posts, their blog or any other WordPress page. Users
can use pictures and images or HTML snippets like Google AdSense to
incorporate advertising in an easy way."
*(2) Vulnerability Details:*
The Dest Redirect Privilege Escalation vulnerability occurs in the
"track-click.php" page, through the "&out" parameter.
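
A defender-side check for this issue, added here as an example and not taken from the advisory or the plugin: it scans web access logs for track-click.php requests whose out parameter points at a host outside an allowlist. The log lines, PLUGIN_PATH, the id parameter and the allowlisted host are constructed placeholders.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumption: hosts this site legitimately sends ad clicks to (hypothetical).
ALLOWED_HOSTS = {"shop.example.com"}
REQUEST_RE = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')

def redirect_host(target):
    """Host a browser would end up on for this redirect target; None if same-site."""
    # Normalise leniently, as browsers do: drop control chars, read "\" as "/".
    cleaned = re.sub(r"[\x00-\x1f]", "", target).strip().replace("\\", "/")
    try:
        parts = urlsplit(cleaned)
    except ValueError:
        return "<unparseable>"          # malformed authority: report it
    if parts.scheme and not parts.netloc:
        return parts.scheme + ":"       # non-hierarchical target, never allowlisted
    return parts.hostname               # userinfo ("a@b") already stripped

def suspicious_redirects(log_lines, endpoint="track-click.php", param="out"):
    """Return (line_number, decoded_value) for off-allowlist redirect targets."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        if not url.path.endswith("/" + endpoint):
            continue
        for value in parse_qs(url.query).get(param, []):
            host = redirect_host(value)
            if host is not None and host not in ALLOWED_HOSTS:
                hits.append((n, value))
    return hits

# Constructed sample lines; PLUGIN_PATH and the id parameter are placeholders.
PREFIX = '203.0.113.9 - - [25/Nov/2014:10:00:00 +0000] "GET '
SAMPLE_LOG = [
    PREFIX + '/PLUGIN_PATH/track-click.php?id=1&out=http://shop.example.com/item HTTP/1.1" 302 0',
    PREFIX + '/PLUGIN_PATH/track-click.php?id=1&out=http%3A%2F%2Funlisted.example.net%2F HTTP/1.1" 302 0',
    PREFIX + '/PLUGIN_PATH/track-click.php?id=1&out=//unlisted.example.net/ HTTP/1.1" 302 0',
    PREFIX + '/index.php?out=http://unlisted.example.net/ HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for line_no, value in suspicious_redirects(SAMPLE_LOG):
        print(f"line {line_no}: out={value}")
```

The same host comparison, applied inside the redirecting page before it sends the Location header, is the usual server-side mitigation for CWE-601.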
*References:*
http://tetraph.com/security/cves/cve-2014-8754-wordpress-ad-manager-plugin-dest-redirect-privilege-escalation/
http://codecanyon.net/item/wordpress-admanager/544421
https://wordpress.org/plugins/ad-manager-for-wp/
http://cwe.mitre.org
http://cve.mitre.org/
`