Описание
The Analytics Insights for Google Analytics 4 (AIWP) WordPress plugin before 6.3 is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.3 (исключая)
cpe:2.3:a:deconf:analytics_insights:*:*:*:*:*:wordpress:*:*
EPSS
Процентиль: 94%
0.13033
Средний
6.1 Medium
CVSS3
Дефекты
CWE-601
Связанные уязвимости
CVSS3: 6.1
github
почти 2 года назад
The Analytics Insights for Google Analytics 4 (AIWP) WordPress plugin before 6.3 is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
EPSS
Процентиль: 94%
0.13033
Средний
6.1 Medium
CVSS3
Дефекты
CWE-601