Ninja Popups <= 4.7.5 - Unauthenticated Open Redirect

2023-08-1000:00:00

wpscan.com

ninja popups

unauthenticated

redirect

vulnerability

software

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

27.9%

JSON

Description The plugin does not properly validate a redirect url, allowing unauthenticated attackers to redirect users to potentially malicious sites by clicking a link.

References

www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/arscode-ninja-popups/ninja-popups-475-open-redirect