[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] WordPress Newsletter Plug-in URL Redirection Vulnerability - CVE Request
From: Jing Wang <justqdjing () gmail ! com>
Date: 2015-04-23 16:32:30
Message-ID: CAFWG0-jJyeOWZUykFXXxDDuGKsnPZbUHBZnO9Rwpuv_B=_FzwQ () mail ! gmail ! com
[Download RAW message or body]
Hello,
Could you assign a CVE reference ID for the following vulnerability?
Thank you very much.
http://seclists.org/fulldisclosure/2015/Mar/23
http://www.osvdb.org/show/osvdb/119170
http://packetstormsecurity.com/files/130647/wpnewsletter-openredirect.txt
=======
Exploit Title:
The Newsletter Plugin for WordPress do.php nr Parameter Open Redirect
Product:
WordPress Newsletter Plug-in
Vendor:
Satollo.net
Vendor Link:
http://www.satollo.net/downloads
https://wordpress.org/plugins/newsletter/
https://github.com/WordPress-Plugins-Themes/newsletter
Vulnerable Versions:
Version 2.6.4.4
version 2.6.4.3
version 2.6.4.2
version 2.6.4.1
version 2.6.4
version 2.6.3
version 2.5.3.3
version 2.5.3.2
version 2.5.3.1
version 2.5.3
version 2.5.2.3
version 2.5.2.2
version 2.5.2.1
version 2.5.2
version 2.5.1.5
version 2.5.1.4
Version 2.5.1.3
Version 2.5.1.2
Version 2.5.1.1
Version 2.5.1
Version 2.5.0.1
Version 2.5.0
Tested Versions:
Check All Related Versions' Source Code
=======
Best Regards,
Jing
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic