Description The plugin does not validate the URL to redirect any authenticated user to, leading to an arbitrary redirect
Make a logged in user open https://example.com/wp-admin/admin-ajax.php?action=seraph_accel_act&fn;=acceptEula&redir;=https%3A%2F%2Fwpscan.com
CPE | Name | Operator | Version |
---|---|---|---|
eq | 2.2.29 |