PT-2023-10292 · WordPress · Woosidebars Plugin

Jeffikus · Published 2023-06-05 · Updated 2024-05-17 · CVE-2015-10114

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

WooSidebars Plugin versions up to 1.4.1

Description

An issue classified as problematic has been found in the WooSidebars Plugin for WordPress. It affects the function enable_custom_post_sidebars in the file classes/class-woo-sidebars.php. Manipulating the sendback argument leads to an open redirect. The attack may be launched remotely.

Recommendations

For WooSidebars Plugin versions up to 1.4.1, upgrade to version 1.4.2 to address this issue. As a temporary workaround, consider disabling the enable_custom_post_sidebars function until the patch is applied. Restrict access to the classes/class-woo-sidebars.php file to minimize the risk of exploitation. Avoid using the sendback argument in the affected function until the issue is resolved.

Fix

Open Redirect

Weakness Enumeration

Related Identifiers: CVE-2015-10114

Affected Products: Woosidebars Plugin