CVE-2023-48325

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Dec 7, 2023

Updated: Dec 12, 2023

CWE ID 601

Summary

CVE-2023-48325 is a URL Redirection vulnerability affecting the PluginOps Landing Page Builder for WordPress. Versions from n/a to 1.5.1.5 are susceptible to this issue, where untrusted sites can be redirected due to insufficient input validation. This open redirect vulnerability poses a significant risk, as it can be exploited to redirect users to malicious websites, potentially leading to phishing or data theft attacks. Users are urged to update their plugins to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Pluginops Landing Page Builder

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/taFsD8
https://www.cve.org/CVERecord?id=CVE-2023-48325
https://nvd.nist.gov/vuln/detail/CVE-2023-48325

Back to Vulnerability Database

CVE-2023-48325

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations