Noptin < 1.6.5 - Open Redirect

2022-01-1700:00:00

Channchan

wpscan.com

0.001 Low

EPSS

Percentile

41.6%

The plugin does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue

CPENameOperatorVersion
newsletter-optin-boxlt1.6.5

CPE	Name	Operator	Version
	newsletter-optin-box	lt	1.6.5

References

plugins.trac.wordpress.org/changeset/2639592

0.001 Low

EPSS

Percentile

41.6%

Related for WPVDB-ID:C2D2384C-41B9-4AAF-B918-C1CFDA58AF5C