Analytics Insights for Google Analytics 4 < 6.3 – Open Redirect | CVE 2024-0250

Description

The plugin is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

Proof of Concept

https://example.com/wp-content/plugins/analytics-insights/tools/oauth2callback.php?state=https://kazet.cc/%3f&code=x

Affects Plugins

analytics-insights

Fixed in 6.3

References

CVE

CVE-2024-0250

Classification

Type

REDIRECT

OWASP top 10

A1: Injection

CWE

CWE-601

Miscellaneous

Original Researcher

Krzysztof Zając (CERT PL)

Submitter

Krzysztof Zając (CERT PL)

Submitter website

https://cert.pl

Submitter twitter

cert_polska_en

Verified

Yes

WPVDB ID

321b07d1-692f-48e9-a8e5-a15b38efa979

Timeline

Publicly Published

2024-01-17 (about 3 months ago)

Added

2024-01-17 (about 3 months ago)

Last Updated

2024-01-17 (about 3 months ago)

Other

Published

Title

Published

2015-03-30

Title

Newsletter 3.7.0 - Open Redirect

Published

2023-10-25

Title

Parcel Pro < 1.6.12 - Open Redirect

Published

2023-10-06

Title

affiliate-toolkit – WordPress Affiliate Plugin < 3.4.0 - Open Redirect via atkpout.php

Published

2021-02-16

Title

Ninja Forms < 3.4.34 - Administrator Open Redirect

Published

2014-08-07

Title

Feed Statistics < 4.0 - Open Redirect