WordPress Plugin Vulnerabilities

Feed Statistics < 4.0 - Open Redirect

Description

The Feed Statistics WordPress plugin was affected by an Open Redirect security vulnerability.

Affects Plugins

Plugin icon
wordpress-feed-statistics
Fixed in 4.0

References

CVE
CVE-2018-17074
URL
https://hackerone.com/reports/22142
URL
https://plugins.trac.wordpress.org/browser/wordpress-feed-statistics/trunk/feed-statistics.php?rev=960868

Classification

Type
REDIRECT
OWASP top 10
A1: Injection
CWE
CWE-601
CVSS
6.1 (medium)

Miscellaneous

Original Researcher
Muhammad Talha Khan (mtk)
Submitter
admin
Verified
No
WPVDB ID
7881fa27-5ea4-4b86-b901-f2db634e6620

Timeline

Publicly Published
2014-08-07 (about 11 years ago)
Added
2014-09-17 (about 11 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2024-10-24
Title
Sunshine Photo Cart < 3.2.11 - Open Redirect
Published
2024-08-16
Title
Salon booking system < 10.9 - Unauthenticated Open Redirect
Published
2025-11-03
Title
WP Front User Submit < 5.0.0 - Open Redirect
Published
2017-09-20
Title
WordPress 2.9.2-4.8.1 - Open Redirect
Published
2024-06-19
Title
Export WP Page to Static HTML/CSS < 2.2.3 - Open Redirect