CVE-2015-10115

WooSidebars Sidebar Manager Converter Plugin class-woosidebars-sbm-converter.php process_request redirect

CVSS 4.3 MEDIUMEPSS 0.7%CWE-601

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 4.3EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

05 jun 2023Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

A vulnerability, which was classified as problematic, was found in WooSidebars Sidebar Manager Converter Plugin up to 1.1.1 on WordPress. This affects the function process_request of the file classes/class-woosidebars-sbm-converter.php. The manipulation leads to open redirect. It is possible to initiate the attack remotely. Upgrading to version 1.1.2 is able to address this issue. The patch is named a0efb4ffb9dfe2925b889c1aa5ea40b4abbbda8a. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230655.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Produtos afetados

n/a · WooSidebars Sidebar Manager Converter Plugin

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/wp-plugins/woosidebars-sbm-converter/commit/a0efb4ffb9dfe2925b889c1aa5ea40b4abbbda8a https://vuldb.com/?ctiid.230655 https://vuldb.com/?id.230655