WordPress Plugin Vulnerabilities
WP Customer Reviews < 3.7.1 - Malicious Redirect via HTTP-EQUIV Injection
Description
The plugin does not validate a parameter allowing contributor and above users to redirect a page to a malicious URL
Proof of Concept
1) Create a new post 2) In the "Bussness Name" field enter the payload: `0;http://smth.me/" HTTP-EQUIV="refresh" a="a)` 3) Save the post and view it. You will see that you are redirected.
Affects Plugins
References
CVE
Classification
Type
REDIRECT
OWASP top 10
CWE
Miscellaneous
Original Researcher
Dmitrii Ignatyev
Submitter
Dmitrii Ignatyev
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2024-03-25 (about 1 months ago)
Added
2024-03-25 (about 1 months ago)
Last Updated
2024-03-25 (about 1 months ago)