CVE-2014-8754

Name of the Vulnerable Software and Affected Versions Ad-Manager plugin version 1.1.2

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the out parameter. This is achieved through an open redirect vulnerability in the track-click.php file.

Recommendations For Ad-Manager plugin version 1.1.2, update to a version that fixes this issue to prevent open redirects. As a temporary workaround, consider restricting access to the track-click.php file to minimize the risk of exploitation. Avoid using the out parameter in the affected API endpoint until the issue is resolved.