ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Age Verification Plugin <= 0.4 - Open Redirect

Product
Age Verification
Description
Age Verification plugin is prone to an open redirect vulnerability that allows an attacker to redirect users to other malicious web sites. Via GET: http://server/wp-content/plugins/age-verification/age-verification.php?redirect_to=http%3A%2F%2Fwww.evil.com redirect to http://www.evil.com. Via POST: http://server/wp-content/plugins/age-verification/age-verification.php redirect_to: http://www.evil.com .
Solution
Update the plugin.
Classification
Type Open Redirection
References
Exploit-DB
CVE
Name CVE-2012-6499
Versions
Affected In <= 0.4
Fixed In 0.5
Disclosure date
2012-01-10
Credits
Gianluca Brindisi