Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:26 a.m.3 views

CVE-2024-0337

The Travelpayouts: All Travel Brands in One Place WordPress plugin through 1.1.15 is vulnerable to Open Redirect due to insufficient validation on the travelpayoutsredirect variable. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can...

6.1CVSS6.7AI score0.00891EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/03/21 12:0 a.m.8 views

WordPress Travelpayouts Plugin <= 1.1.16 is vulnerable to Open Redirection

Software Travelpayouts Type Plugin Vulnerable versions = 1.1.16 Fixed in 1.1.17 OWASP Top 10 A1: Injection Classification Open Redirection CVE CVE-2024-0337 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 22ec7383525a Credits Krzysztof Zając CERT PL Required privilege...

6.1CVSS7.2AI score0.00891EPSS
Exploits2References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/20 5:0 a.m.11 views

CVE-2024-0337 Travelpayouts <= 1.1.15 - Open Redirect

The Travelpayouts: All Travel Brands in One Place WordPress plugin through 1.1.15 is vulnerable to Open Redirect due to insufficient validation on the travelpayoutsredirect variable. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can...

6.2AI score0.00891EPSS
Exploits2References1
CVE
CVE
added 2024/03/20 5:0 a.m.130 views

CVE-2024-0337

CVE-2024-0337 corresponds to an Open Redirect vulnerability in the Travelpayouts: All Travel Brands in One Place WordPress plugin. Connected data shows the issue arises from insufficient validation of the travelpayouts_redirect variable, enabling unauthenticated attackers to steer users to potent...

6.1CVSS6.1AI score0.00891EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder