cjc.im / advisories / 0008
Open redirect in Furikake WordPress Plugin
This vulnerability has been discovered and reported by Carl Clegg (carl(at)cjc(dot)im)
- 2017-09-10: Vendor Notified
- 2018-01-01: CVE-2017-1000434 assigned
Description and Impact
The furikake-redirect parameter on a page allows a redirect to an attacker-controlled page.
Proof of Concept
would redirect the user to the site specified in the furikake-redirect variable
Not yet determined.
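For sites running the plugin, the following added example (not part of the original advisory and not the plugin's code) scans web server access logs for requests whose furikake-redirect value points to a host other than the site's own. It assumes the parameter arrives in the URL query string and that logs use the common/combined format; the host names, addresses and log lines are constructed.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Assumption: the parameter is sent in the query string, so it appears in access logs.
PARAM = "furikake-redirect"
# Request line of a common/combined log entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation addresses and .example hosts).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2018:10:00:01 +0000] "GET /?furikake-redirect=https://offsite.example/login HTTP/1.1" 302 0',
    '203.0.113.8 - - [01/Jan/2018:10:00:05 +0000] "GET /?furikake-redirect=/about/ HTTP/1.1" 302 0',
    '203.0.113.9 - - [01/Jan/2018:10:00:09 +0000] "GET /post/?furikake-redirect=%2F%2Foffsite.example HTTP/1.1" 302 0',
    '203.0.113.9 - - [01/Jan/2018:10:00:12 +0000] "GET /?furikake-redirect=https://blog.example/contact HTTP/1.1" 302 0',
]


def redirect_host(value):
    """Return the host a redirect value points to, or None for a local path."""
    # Browsers treat backslashes as slashes, so normalise before parsing.
    value = value.strip().replace("\\", "/")
    if value.startswith("//"):  # scheme-relative form: //host/path
        value = "http:" + value
    parts = urlsplit(value)
    return parts.hostname.lower() if parts.hostname else None


def external_redirects(log_lines, site_hosts):
    """Return (line_no, value) for requests that redirect outside site_hosts."""
    allowed = {h.lower() for h in site_hosts}
    hits = []
    for line_no, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        # parse_qs percent-decodes values, so encoded targets are caught too.
        for value in parse_qs(query).get(PARAM, []):
            host = redirect_host(value)
            if host is not None and host not in allowed:
                hits.append((line_no, value))
    return hits


if __name__ == "__main__":
    for line_no, value in external_redirects(SAMPLE_LOG, {"blog.example"}):
        print(f"line {line_no}: off-site {PARAM} value {value!r}")
```

Pass every host name the site legitimately serves in `site_hosts`; anything else that carries a host is reported.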
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise.