Open Redirect Vulnerability in Heateor's Sassy Social Share Plugin
CVE-2025-39404
4.7MEDIUM
What is CVE-2025-39404?
An Open Redirect vulnerability found in Heateor's Sassy Social Share plugin can lead to phishing attacks by allowing malicious redirection to untrusted sites. This issue impacts versions up to 3.3.73, posing a security risk for users who may unknowingly click on links that redirect them to malicious pages. Users are advised to update their plugins to mitigate the risk associated with this vulnerability.
Affected Version(s)
Sassy Social Share <= 3.3.73
References
CVSS V3.1
Score:
4.7
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Affan Ali - @MuslimFromPK (Patchstack Alliance)