Open Redirect Vulnerability in StageShow Plugin for WordPress
CVE-2015-5461

Currently unrated

Key Information:

Vendor

Wordpress
Status
Stageshow
Vendor
CVE Published:
8 July 2015

What is CVE-2015-5461?

The StageShow plugin for WordPress contains an Open Redirect vulnerability in the redirect function located in stageshow_redirect.php. This flaw allows remote attackers to manipulate URLs via the 'url' parameter, potentially redirecting unsuspecting users to malicious websites. This vulnerability can be exploited for phishing attacks, compromising user data and trust. Users are strongly advised to update to version 5.0.9 or later to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://wordpress.org/plugins/stageshow/changelog/
x_refsource_CONFIRM
http://packetstormsecurity.com/files/132553/WordPress-Sta...
x_refsource_MISC
http://seclists.org/fulldisclosure/2015/Jul/27
mailing-listx_refsource_FULLDISC

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.