Skip to main content

CVE-2021-25033

Description

The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue

NVD
Severity: MEDIUM
CVE ID: CVE-2021-25033
CVSS Score: 6.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2021-25033

Refrence: Project Discovery GitHub

Description
Proof Of Concept