CVE-2021-25102

Published: May 2, 2022Modified: Nov 21, 2024

4.7

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 1.6 / Impact: 2.7

Source: NVD

Description

The All In One WP Security & Firewall WordPress plugin before 4.4.11 does not validate, sanitise and escape the redirect_to parameter before using it to redirect user, either via a Location header, or meta url attribute, when the Rename Login Page is active, which could lead to an Arbitrary Redirect as well as Cross-Site Scripting issue. Exploitation of this issue requires the Login Page URL value to be known, which should be hard to guess, reducing the risk

Affected (1)

Products: Tipsandtricks Hq: All In One Wp Security & Firewall

Tipsandtricks Hq

1 product

All In One Wp Security & Firewall

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tipsandtricks Hq All In One Wp Security & Firewall	Before 4.4.11

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (2)

https://wpscan.com/vulnerability/9b8a00a6-622b-4309-bbbf-fe2c7fc9f8b6

Source: contact@wpscan.com

ExploitThird Party Advisory

https://wpscan.com/vulnerability/9b8a00a6-622b-4309-bbbf-fe2c7fc9f8b6

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.