Unrated severityNVD Advisory· Published Apr 15, 2024· Updated Aug 1, 2024
WP Customer Reviews < 3.7.1 - Malicious Redirect via HTTP-EQUIV Injection
CVE-2024-1849
Description
The WP Customer Reviews WordPress plugin before 3.7.1 does not validate a parameter allowing contributor and above users to redirect a page to a malicious URL
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <3.7.1
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/e6d9fe28-def6-4f25-9967-a77f91899bfe/mitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.