WordPress Plugin Vulnerabilities

affiliate-toolkit – WordPress Affiliate Plugin < 3.4.0 - Open Redirect via atkpout.php

Description

The affiliate-toolkit – WordPress Affiliate Plugin is vulnerable to Open Redirect in versions up to, and including, 3.3.9. This is due to insufficient validation on the redirect url supplied via the 'url' parameter in atkpout.php. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action. Only sites that do not have a atkp-imagereceiver-key.php setup are vulnerable, as the attacker must calculate the md5 hash of the URL combined with the key from that file in order to successfully redirect victims. If atkp-imagereceiver-key.php is not present, the md5 hash of atkpout.php, which is publicly available, will be used, allowing redirection.

Affects Plugins

Plugin icon
affiliate-toolkit-starter
Fixed in 3.4.0

References

CVE
CVE-2023-45105
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/06b332de-4f94-47dc-a573-53514adaf5c0

Classification

Type
REDIRECT
OWASP top 10
A1: Injection
CWE
CWE-601
CVSS
3.4 (low)

Miscellaneous

Original Researcher
minhtuanact
Verified
No
WPVDB ID
7203ab12-3afc-40db-8b6b-077f74ff8a51

Timeline

Publicly Published
2023-10-06 (about 2 years ago)
Added
2023-11-23 (about 2 years ago)
Last Updated
2024-01-05 (about 2 years ago)

Other

Published
Title
Published
2014-08-01
Title
Password Protected 1.4 - Login Process redirect_to Parameter Arbitrary Site Redirect
Published
2022-03-29
Title
English WordPress Admin < 1.5.2 - Unauthenticated Open Redirect
Published
2021-06-01
Title
MC4WP: Mailchimp for WordPress < 4.8.5 - Authenticated Arbitrary Redirect
Published
2025-07-03
Title
AI Engine 2.8.4 - Insecure OAuth Implementation
Published
2021-12-22
Title
Event Tickets < 5.2.2 - Open Redirect