Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpexploitEnrico Marcolini, Claudio MarchesiniWPEX-ID:F3E64947-3138-4EC4-86C4-27B5D6A5C9C2
HistoryFeb 27, 2024 - 12:00 a.m.

Payment Gateway for Telcell < 2.0.4 - Unauthenticated Open Redirect

2024-02-2700:00:00
Enrico Marcolini, Claudio Marchesini
27
payment gateway
telcell
unauthenticated
open redirect
exploit

6.8 Medium

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

JSON

Description The plugin does not validate the api_url parameter before redirecting the user to its value, leading to an Open Redirect issue

https://localhost/wp-admin/admin.php?page=wc-settings&action=redirect_telcell_form&api_url=https://www.google.com

Related

wpvulndb 1
nuclei 1
wpvulndb
wpvulndb
Payment Gateway for Telcell < 2.0.4 - Unauthenticated Open Redirect
2024-02-27 00:00:00
nuclei
nuclei
Payment Gateway for Telcell < 2.0.4 - Open Redirect
2024-06-10 20:16:24

6.8 Medium

AI Score

Confidence

High

0 Low

EPSS

Percentile

0.0%

JSON
Related for WPEX-ID:F3E64947-3138-4EC4-86C4-27B5D6A5C9C2
wpvulndb1nuclei1