Themes Vulnerabilities

T1 theme <= 19.0 - Open Redirect

Description

The theme is vulnerable to unauthenticated open redirect with which any attacker and redirect users to arbitrary websites.

Proof of Concept

Affects Themes

t1
No known fix

References

CVE
CVE-2023-3771

Classification

Type
REDIRECT
OWASP top 10
A1: Injection
CWE
CWE-601
CVSS
4.7 (medium)

Miscellaneous

Original Researcher
Vishal Barot vFlexo
Submitter
Vishal Barot vFlexo
Verified
Yes
WPVDB ID
7c6fc499-de09-4874-ab96-bdc24d550cfb

Timeline

Publicly Published
2023-07-19 (about 2 years ago)
Added
2023-07-19 (about 2 years ago)
Last Updated
2023-07-19 (about 2 years ago)

Other

Published
Title
Published
2024-09-30
Title
ElementsReady Addons for Elementor 6.4.2 - Open Redirect
Published
2021-02-16
Title
Ninja Forms < 3.4.34 - Administrator Open Redirect
Published
2024-05-29
Title
WP Content Copy Protection & No Right Click (premium) < 15.3 - Open Redirect
Published
2015-01-29
Title
WPtouch < 3.7 - Unvalidated Open Redirect
Published
2025-01-24
Title
LearnPress < 4.2.7.2 - Authenticated (Subscriber+) Open Redirect