PT-2019-18063 · Premium Wp Suite · Premium Wp Suite Easy Redirect Manager

Alexander Drabek

+1

·

Publicado

2019-01-15

·

Atualizado

2019-01-17

·

CVE-2019-6267

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Premium WP Suite Easy Redirect Manager plugin version 28.07-17
Description The issue concerns a crafted GET request that is mishandled during log viewing, leading to XSS. This occurs at the 'templates/admin/redirect-log.php' URI.
Recommendations For Premium WP Suite Easy Redirect Manager plugin version 28.07-17, consider disabling the log viewing feature at the 'templates/admin/redirect-log.php' URI until a patch is available. Restrict access to this URI to minimize the risk of exploitation.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2019-6267

Produtos afetados

Premium Wp Suite Easy Redirect Manager