WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Newsletter 3.7.0 - Open Redirect

Description

The Newsletter plugin is susceptible to an Open Redirect vulnerability. This issue is due to the fact user input it taken, and trusted, without validation.

This user input is used when tracking link clicks, via the ‘newsletter/statistics/link.php’ script. User input is Base64 encoded, and split on the ‘;’ character, the third column of which can be manipulated in order to control where the user is redirected to.

Affects Plugins

newsletter
Fixed in version 3.8.3

References

URL
https://g0blin.co.uk/g0blin-00039/
URL
https://plugins.trac.wordpress.org/changeset/1190491/newsletter

Classification

Type

REDIRECT

OWASP top 10
A1: Injection
CWE
CWE-601

Miscellaneous

Submitter

James Hooker

Submitter website
https://research.g0blin.co.uk
Submitter twitter
g0blinResearch
Verified

No

WPVDB ID
ad24e17a-57f1-44c6-b7eb-6346a44e0841

Timeline

Publicly Published

2015-03-30 (about 8 years ago)

Added

2015-03-30 (about 8 years ago)

Last Updated

2020-08-12 (about 3 years ago)

Our Other Services

WPScan WordPress Security Plugin