Newsletter 3.7.0 – Open Redirect | Plugin Vulnerabilities

Description

The Newsletter plugin is susceptible to an Open Redirect vulnerability. This issue is due to the fact user input it taken, and trusted, without validation.

This user input is used when tracking link clicks, via the ‘newsletter/statistics/link.php’ script. User input is Base64 encoded, and split on the ‘;’ character, the third column of which can be manipulated in order to control where the user is redirected to.

Affects Plugins

Fixed in 3.8.3

References

URL

https://g0blin.co.uk/g0blin-00039/

URL

https://plugins.trac.wordpress.org/changeset/1190491/newsletter

Classification

Type

REDIRECT

OWASP top 10

CWE

CVSS

Miscellaneous

Submitter

James Hooker

Submitter website

https://research.g0blin.co.uk

Submitter twitter

Verified

No

WPVDB ID

ad24e17a-57f1-44c6-b7eb-6346a44e0841

Timeline

Publicly Published

2015-03-30 (about 11 years ago)

Added

2015-03-30 (about 11 years ago)

Last Updated

2020-08-12 (about 5 years ago)

Other

Published

Title

Published

2024-09-30

Title

Payflex Payment Gateway < 2.6.2 - Open Redirect

Published

2015-05-29

Title

Wow Moodboard Lite <= 1.1.1.1 - Open Redirect

Published

2025-09-26

Title

WP Gravity Forms HubSpot < 1.2.6 - Open Redirect

Published

2025-04-16

Title

GoodBarber < 1.0.27 - Open Redirect

Published

2021-02-16

Title

Ninja Forms < 3.4.34 - Administrator Open Redirect