PT-2023-10291 · WordPress · Wooframework Tweaks Plugin
Jeffikus · Published 2023-06-05 · Updated 2024-05-17
CVE-2015-10113
CVSS v2.0: 4.0 (Medium)
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
WooFramework Tweaks Plugin versions up to 1.0.1
Description
A vulnerability was found in the WooFramework Tweaks Plugin on WordPress. The issue affects the admin screen logic function of the file wooframework-tweaks.php. Manipulation of the url argument leads to an open redirect. The attack can be launched remotely.
Recommendations
For WooFramework Tweaks Plugin versions up to 1.0.1, upgrade to version 1.0.2 to address this issue. As a temporary workaround, consider restricting access to the admin screen logic function until the update is applied. Avoid using the url argument in the affected function to minimize the risk of exploitation.
Fix
Open Redirect
Weakness Enumeration
Related Identifiers
Affected Products
Wooframework Tweaks Plugin