WordPress Plugin Vulnerabilities

PhastPress < 1.111 - Open Redirect

Description

There is an open redirect in the plugin that allows an attacker to malform a request to a page with the plugin and then redirect the victim to a malicious page. There is also a support comment from another user one year ago (https://wordpress.org/support/topic/phast-php-used-for-remote-fetch/) that says that the php involved in the request only go to whitelisted pages but it's possible to redirect the victim to any domain.

Proof of Concept

Affects Plugins

Plugin icon
phastpress
Fixed in 1.111

References

CVE
CVE-2021-24210
URL
https://plugins.trac.wordpress.org/changeset/2497610/

Classification

Type
REDIRECT
OWASP top 10
A1: Injection
CWE
CWE-601
CVSS
4.3 (medium)

Miscellaneous

Original Researcher
Felipe Restrepo Rodriguez
Submitter
Felipe Restrepo Rodriguez
Submitter twitter
Pfelilpe
Verified
Yes
WPVDB ID
9b3c5412-8699-49e8-b60c-20d2085857fb

Timeline

Publicly Published
2021-03-19 (about 4 years ago)
Added
2021-03-19 (about 4 years ago)
Last Updated
2021-03-20 (about 4 years ago)

Other

Published
Title
Published
2025-08-14
Title
elink <= 1.1.0 - Contributor+ Arbitrary Redirect
Published
2025-05-07
Title
WP Gravity Forms Zendesk < 1.1.3 - Open Redirect
Published
2015-01-29
Title
WPtouch < 3.7 - Unvalidated Open Redirect
Published
2020-11-27
Title
Age Gate < 2.13.5 - Unauthenticated Open Redirect
Published
2025-05-07
Title
Integrations of Zoho CRM with Elementor form <= 1.0.8 - Open Redirect