The WordPress Newsletter Plugin WordPress plugin before 1... · CVE-2021-25033 · GitHub Advisory Database · GitHub

The WordPress Newsletter Plugin WordPress plugin before 1...

Moderate severity Unreviewed Published Feb 15, 2022 to the GitHub Advisory Database • Updated Feb 3, 2023

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue

References

Published by the National Vulnerability Database

Feb 14, 2022

Published to the GitHub Advisory Database Feb 15, 2022

Last updated Feb 3, 2023