Unauthorized Redirect Vulnerability in Share This Image Plugin
CVE-2024-8761

7.2HIGH

Key Information:

Vendor: WordPress
Status: Share This Image
Vendor: CVE Published:; 17 September 2024

What is CVE-2024-8761?

The Share This Image plugin for WordPress possesses an Open Redirect vulnerability due to inadequate validation on the redirect URL provided via the link parameter. This flaw allows unauthenticated attackers to trick users into clicking on links that redirect them to potentially harmful external sites. As a result, users could inadvertently expose their personal information or become victims of phishing attacks. It is crucial for users of this plugin to implement security measures or updates to mitigate the associated risks.

Affected Version(s)

Share This Image 0 <= 2.03

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://wordpress.org/plugins/share-this-image/#developers

https://plugins.trac.wordpress.org/browser/share-this-ima...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 17, 2024

CVE-2024-8761 Data

JSON