4 matches found
CVE-2023-5610
The Seraphinite Accelerator WordPress plugin before 2.2.29 does not validate the URL to redirect any authenticated user to, leading to an arbitrary redirect...
CVE-2023-5610 Seraphinite Accelerator < 2.20.29 - Authenticated Arbitrary Redirect
The Seraphinite Accelerator WordPress plugin before 2.2.29 does not validate the URL to redirect any authenticated user to, leading to an arbitrary redirect...
CVE-2023-5610
CVE-2023-5610 concerns the Seraphinite Accelerator WordPress plugin, affected versions up to 2.20.28, which do not validate the redirect URL for authenticated users, enabling an open redirect. The issue is an authenticated arbitrary redirect via a crafted redirect URL (e.g., via admin-ajax.php), ...
WordPress Seraphinite Accelerator Plugin <= 2.20.28 is vulnerable to Open Redirection
Software Seraphinite Accelerator Type Plugin Vulnerable versions = 2.20.28 Fixed in 2.20.29 OWASP Top 10 A5: Security Misconfiguration Classification Open Redirection CVE CVE-2023-5610 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 123cffdb7c7d Credits Erwan LR Required...