CVE-2015-10115

WooSidebars Sidebar Manager Converter Plugin class-woosidebars-sbm-converter.php process_request redirect

CVSS 4.3 MEDIUMEPSS 0.7%CWE-601

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 4.3EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

05 jun 2023Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A vulnerability, which was classified as problematic, was found in WooSidebars Sidebar Manager Converter Plugin up to 1.1.1 on WordPress. This affects the function process_request of the file classes/class-woosidebars-sbm-converter.php. The manipulation leads to open redirect. It is possible to initiate the attack remotely. Upgrading to version 1.1.2 is able to address this issue. The patch is named a0efb4ffb9dfe2925b889c1aa5ea40b4abbbda8a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230655.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Productos afectados

n/a · WooSidebars Sidebar Manager Converter Plugin

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/wp-plugins/woosidebars-sbm-converter/commit/a0efb4ffb9dfe2925b889c1aa5ea40b4abbbda8a https://vuldb.com/?ctiid.230655 https://vuldb.com/?id.230655