oss-sec mailing list archives

Newsletter Plugin for WordPress Unvalidated Redirects and Forwards URL Vulnerability - CVE Request

From: Ryan King <tetraphibious () gmail com>
Date: Fri, 3 Jul 2015 16:26:23 +0800

Hello,

Could you assign a CVE reference ID for the following vulnerability?
Thank you very much.


http://seclists.org/fulldisclosure/2015/Mar/23http://www.osvdb.org/show/osvdb/119170http://tetraph.com/security/open-redirect/wordpress-newsletter-plug-in-url-redirection-open-redirect-security-vulnerabilities/http://packetstormsecurity.com/files/130647/wpnewsletter-openredirect.txthttp://lists.openwall.net/full-disclosure/2015/03/05/2http://permalink.gmane.org/gmane.comp.security.fulldisclosure/1663




=======
Exploit Title:
The Newsletter Plugin for WordPress do.php nr Parameter Open Redirect

Product:
WordPress Newsletter Plug-in

Vendor:
Satollo.net


Vendor 
Link:http://www.satollo.net/downloadshttp://www.thenewsletterplugin.com/https://wordpress.org/plugins/newsletter/https://github.com/WordPress-Plugins-Themes/newsletter



Vulnerable Versions:
Version 2.6.4.4
version 2.6.4.3
version 2.6.4.2
version 2.6.4.1
version 2.6.4
version 2.6.3
version 2.5.3.3
version 2.5.3.2
version 2.5.3.1
version 2.5.3
version 2.5.2.3
version 2.5.2.2
version 2.5.2.1
version 2.5.2
version 2.5.1.5
version 2.5.1.4
Version 2.5.1.3
Version 2.5.1.2
Version 2.5.1.1
Version 2.5.1
Version 2.5.0.1
Version 2.5.0




Tested Versions:
Check All Related Versions' Source Code





=======


Best Regards,
Wang Jing




--
Jing Wang,
Division of Mathematical Sciences (MAS),
School of Physical and Mathematical Sciences (SPMS),
Nanyang Technological University (NTU),
Singapore.http://www.tetraph.com/wangjing/https://twitter.com/justqdjing

Current thread:

Newsletter Plugin for WordPress Unvalidated Redirects and Forwards URL Vulnerability - CVE Request Ryan King (Jul 03)