Open Redirect Vulnerability in WP Symposium Plugin for WordPress
CVE-2013-2694

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP Symposium
Vendor: CVE Published:; 28 March 2014

What is CVE-2013-2694?

An open redirect vulnerability exists in the WP Symposium plugin (version 13.04). This flaw allows remote attackers to redirect users to arbitrary websites by exploiting a URL parameter in invite.php. Such exploitation can facilitate phishing attacks, putting users at risk of revealing sensitive information. Proper validation of input is essential to mitigate this issue and ensure user safety.

References

http://www.securityfocus.com/bid/59045

vdb-entryx_refsource_BID

http://osvdb.org/92274

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/52925

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 28, 2014
Vulnerability Reserved
Mar 26, 2013

Wordpress

What is CVE-2013-2694?

References

Timeline