CVE-2023-5610
Seraphinite Accelerator < 2.20.29 - Authenticated Arbitrary Redirect
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
20 Nov 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Seraphinite Accelerator WordPress plugin before 2.2.29 does not validate the URL to redirect any authenticated user to, leading to an arbitrary redirect
Affected products
Unknown · Seraphinite Accelerator