ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Google Adsense and Hotel Booking Plugin <= 1.05 - Open Redirection

Product
Google Adsense and Hotel Booking
Description
The vulnerability is in the ./plugin/google-adsense-and-hotel-booking/proxy.php. It allows an arbitrary user to proxy POST requests though the host site. This may allow attackers to hide attacks.
Solution
Update the plugin.
Classification
Type Open Redirection
OWASP Top 10 A10: Unvalidated Redirects and Forwards
References
Vapid
CVE
Name CVE-2015-1000009
Versions
Affected In <= 1.05
Fixed In 1.06
Disclosure date
2015-08-15
Credits
Larry W. Cashdollar