Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News
Sign In Sign Up

CVE-2024-13888

HIGH
Published 2025-02-20T08:22:06.037Z
Actions:

CVSS Score

V3.1
7.2
/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Base Score Metrics
Exploitability: N/A Impact: N/A

Attack Vector Metrics

Attack Vector
Not Available
Attack Complexity
Not Available
Privileges Required
Not Available
User Interaction
Not Available
Scope
Not Available

Impact Metrics

Confidentiality
Not Available
Integrity
Not Available
Availability
Not Available

Description

The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supplied via the 'redirect' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

Available Exploits

WPMobile.App <= 11.56 - Open Redirect

The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supplied via the 'redirect' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

ID: CVE-2024-13888
Author: s4e-io High

References:

Related News

No news articles found for this CVE.

Affected Products

amauric

WPMobile.App

Affected Versions:

*

References

https://www.wordfence.com/threat-intel/vulnerabilities/id/a139f0fc-f3e0-4759-aa8d-ba138e5ccc87?source=cve
https://wordpress.org/plugins/wpappninja/#developers
https://plugins.trac.wordpress.org/changeset/3243366
Published: 2025-02-20T08:22:06.037Z
Last Modified: 2025-02-20T16:11:42.708Z
Copied to clipboard!