WordPress Plugin Vulnerabilities

Integrate Google Drive < 1.3.3 - Open Redirect via state

Description

The plugin does not validate the state parameter before redirecting the user to its value, leading to an Open Redirect issue

Affects Plugins

Plugin icon
integrate-google-drive
Fixed in 1.3.3

References

CVE
CVE-2023-47548
URL
https://patchstack.com/database/vulnerability/integrate-google-drive/wordpress-integrate-google-drive-plugin-1-3-0-open-redirection-vulnerability

Classification

Type
REDIRECT
OWASP top 10
A1: Injection
CWE
CWE-601
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
minhtuanact
Verified
No
WPVDB ID
79f2e8cf-772c-4d7e-9815-326e1feb1d41

Timeline

Publicly Published
2023-11-07 (about 2 years ago)
Added
2023-11-23 (about 2 years ago)
Last Updated
2023-12-06 (about 2 years ago)

Other

Published
Title
Published
2015-01-29
Title
WPtouch < 3.7 - Unvalidated Open Redirect
Published
2025-10-21
Title
WP Gravity Forms Zoho CRM and Bigin < 1.2.9 - Open Redirect
Published
2026-01-30
Title
Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress <= 1.4.1 - Unauthenticated Open Redirect
Published
2015-07-05
Title
StageShow <= 5.0.8 - Open Redirect
Published
2025-04-16
Title
Fast eBay Listings < 2.12.16 - Open Redirect