WordPress Plugin Vulnerabilities

Quick Page/Post redirect < 5.2.0 - Authenticated Settings Update

Description

A lack of capability check and a weak security nonce could allow a low-privileged user such as a contributor to interact with the plugin settings and to create a redirect link that would forward all traffic to an external malicious website. Redirections are performed via the 'Location' header

Affects Plugins

Plugin icon
quick-pagepost-redirect-plugin
Fixed in 5.2.0

References

CVE
CVE-2020-36699
URL
https://blog.nintechnet.com/authenticated-settings-change-vulnerability-in-wordpress-quick-page-post-redirect-plugin-unpatched/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
9.1 (critical)

Miscellaneous

Original Researcher
Jerome Bruandet (nintechnet.com)
Verified
No
WPVDB ID
d658436a-0011-42d2-a147-c471805ca1d1

Timeline

Publicly Published
2020-04-28 (about 6 years ago)
Added
2020-04-28 (about 6 years ago)
Last Updated
2023-06-08 (about 2 years ago)

Other

Published
Title
Published
2021-01-22
Title
Doneren met Mollie < 2.8.5 - Unauthorised CSV Export leading to Sensitive Data Disclosure
Published
2021-03-16
Title
Flo Forms < 1.0.36 - Authenticated Options Change to Stored XSS
Published
2021-09-20
Title
WP Import Export Lite < 3.9.5 - Subscriber+ Arbitrary Blog Options Update
Published
2024-01-24
Title
Views for WPForms < 3.2.3 - Missing Authorization via save_view
Published
2020-12-14
Title
Total Upkeep by BoldGrid < 1.14.10 - Unauthenticated Backup Download