The plugin contains a file (passthru.php) which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue
https://example.com/wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https://wpscan.com
Krzysztof Zając
Krzysztof Zając
Yes
2021-12-27 (about 1 years ago)
2021-12-27 (about 1 years ago)
2022-04-16 (about 9 months ago)