Lucene search

WpvulndbWPVDB-ID:6C0167BC-D2E1-4A7A-A018-DF1DE6CB6F1F

HistoryMay 07, 2024 - 12:00 a.m.

Share This Image < 1.99 - Open Redirect

2024-05-0700:00:00

wpscan.com

wordpress

open redirect

share this image

vulnerability

CVSS3

4.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

25.9%

JSON

Description The plugin is vulnerable to Open Redirect due to insufficient validation on a redirect url supplied. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

References

patchstack.com/database/vulnerability/share-this-image/wordpress-share-this-image-plugin-1-97-open-redirection-vulnerability

CVSS3

4.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

25.9%

JSON

Related for WPVDB-ID:6C0167BC-D2E1-4A7A-A018-DF1DE6CB6F1F