CVE-2021-25033

CVE-2021-25033: Noptin < 1.6.5 - Open Redirect

Vendor Unknown
Product WordPress Newsletter Plugin – Noptin
Weakness CWE-601 · Open redirect
Published February 14, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter before redirecting the user to its given value, leading to an open redirect issue

Key dates

02Disclosure timeline

February 14, 2022 CVE published
August 3, 2024 Record updated