Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-30 | CVE-2019-15816 | Open Redirect vulnerability in Wpexpertdeveloper WP Private Content Plus The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions. | 7.5 |
| 2019-08-29 | CVE-2019-15771 | Open Redirect vulnerability in Components for WP Bakery Page Builder Project Components for WP Bakery Page Builder The nd-shortcodes plugin before 6.0 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. | 6.1 |
| 2019-08-29 | CVE-2019-15776 | Open Redirect vulnerability in Webcraftic Simple 301 Redirects-Addon-Bulk Uploader The simple-301-redirects-addon-bulk-uploader plugin before 1.2.5 for WordPress has no protection against 301 redirect rule injection via a CSV file. | 6.1 |
| 2019-08-29 | CVE-2019-15775 | Open Redirect vulnerability in Learning Courses Project Learning Courses The nd-learning plugin before 4.8 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. | 6.1 |
| 2019-08-29 | CVE-2019-15774 | Open Redirect vulnerability in Booking Project Booking The nd-booking plugin before 2.5 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. | 6.1 |
| 2019-08-29 | CVE-2019-15773 | Open Redirect vulnerability in Travel Management Project Travel Management The nd-travel plugin before 1.7 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. | 6.1 |
| 2019-08-29 | CVE-2019-15772 | Open Redirect vulnerability in Donations Project Donations The nd-donations plugin before 1.4 for WordPress has a nopriv_ AJAX action that allows modification of the siteurl setting. | 6.1 |
| 2019-08-23 | CVE-2016-6154 | Open Redirect vulnerability in Watchguard Fireware The authentication applet in Watchguard Fireware 11.11 Operating System has reflected XSS (this can also cause an open redirect). | 6.1 |
| 2019-08-23 | CVE-2019-10751 | Open Redirect vulnerability in Httpie All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in his or hers control. | 8.8 |
| 2019-08-23 | CVE-2019-13422 | Open Redirect vulnerability in Search-Guard Search Guard Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially malicious site upon Kibana login. | 6.1 |