CVE-2024-1849
WP Customer Reviews < 3.7.1 - Malicious Redirect via HTTP-EQUIV Injection
Severity Score: 5.4 (CVSS v3.1)
Exploit Likelihood: (EPSS)
Affected Versions: (CPE)
Public Exploits: 1 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: Track* (SSVC)
Descriptions
The WP Customer Reviews WordPress plugin before 3.7.1 does not validate a parameter allowing contributor and above users to redirect a page to a malicious URL
The WP Customer Reviews plugin for WordPress before 3.7.1 does not validate a parameter, allowing contributor and above users to redirect a page to a malicious URL.
The WP Customer Reviews plugin for WordPress is vulnerable to malicious redirects in all versions up to, and including, 3.7.0. This is due to the plugin not properly validating the Business Name field. This makes it possible for authenticated attackers, with contributor-level access and above, to inject malicious redirects.
Credits: Dmitrii Ignatyev, WPScan
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision: Track*
- Exploitation
- Automatable
- Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-02-23 CVE Reserved
- 2024-03-25 CVE Published
- 2024-04-15 EPSS Updated
- 2024-08-01 CVE Updated
- 2024-08-01 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CAPEC
References (1)
URL | Date | Source
---|---|---
https://wpscan.com/vulnerability/e6d9fe28-def6-4f25-9967-a77f91899bfe | 2024-08-01 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Unknown | WP Customer Reviews | < 3.7.1 | en | Affected