Open Redirect Vulnerability in WP Symposium Plugin for WordPress
CVE-2013-2694

Currently unrated

Key Information:

Vendor: Wordpress
Status: WP Symposium
Vendor: CVE Published:; 28 March 2014

Summary

An open redirect vulnerability exists in the WP Symposium plugin (version 13.04). This flaw allows remote attackers to redirect users to arbitrary websites by exploiting a URL parameter in invite.php. Such exploitation can facilitate phishing attacks, putting users at risk of revealing sensitive information. Proper validation of input is essential to mitigate this issue and ensure user safety.

References

http://www.securityfocus.com/bid/59045

vdb-entryx_refsource_BID

http://osvdb.org/92274

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/52925

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Mar 28, 2014
Vulnerability Reserved
Mar 26, 2013