CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
Description
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-178
CVEs mapped to this weakness (835)
page 26 of 42| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-47644 | Med | 0.31 | 4.7 | 0.00 | May 7, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form integrations-of-zoho-crm-with-elementor-form allows Phishing.This issue affects Integrations of Zoho CRM with Elementor form: from n/a through <=… | ||
| CVE-2025-47456 | Med | 0.31 | 4.7 | 0.00 | May 7, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms Zendesk gf-zendesk allows Phishing.This issue affects WP Gravity Forms Zendesk: from n/a through <= 1.1.2. | ||
| CVE-2025-47455 | Med | 0.31 | 4.7 | 0.00 | May 7, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Salesforce woo-salesforce-plugin-crm-perks allows Phishing.This issue affects Integration for WooCommerce and Salesforce: from n/a through <= 1.7.5. | ||
| CVE-2025-47454 | Med | 0.31 | 4.7 | 0.00 | May 7, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms Dynamics CRM gf-dynamics-crm allows Phishing.This issue affects WP Gravity Forms Dynamics CRM: from n/a through <= 1.1.4. | ||
| CVE-2025-39404 | Med | 0.31 | 4.7 | 0.00 | Apr 24, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Heateor Support Sassy Social Share sassy-social-share allows Phishing.This issue affects Sassy Social Share: from n/a through <= 3.3.73. | ||
| CVE-2025-39599 | Med | 0.31 | 4.7 | 0.00 | Apr 16, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Webilia Inc. Listdom listdom allows Phishing.This issue affects Listdom: from n/a through <= 4.0.0. | ||
| CVE-2025-39597 | Med | 0.31 | 4.7 | 0.00 | Apr 16, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Arthur Yarwood Fast eBay Listings fast-ebay-listings allows Phishing.This issue affects Fast eBay Listings: from n/a through <= 2.12.15. | ||
| CVE-2025-32694 | Med | 0.31 | 4.7 | 0.00 | Apr 9, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Phishing.This issue affects Ultimate WP Mail: from n/a through <= 1.3.10. | ||
| CVE-2025-32693 | Med | 0.31 | 4.7 | 0.00 | Apr 9, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Phishing.This issue affects WebinarPress: from n/a through <= 1.33.28. | ||
| CVE-2025-31871 | Med | 0.31 | 4.7 | 0.00 | Apr 1, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Phishing.This issue affects WP Clone any post type: from n/a through <= 3.6. | ||
| CVE-2025-31821 | Med | 0.31 | 4.7 | 0.00 | Apr 1, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integration of Zoho CRM and Contact Form 7 allows Phishing. This issue affects Integration of Zoho CRM and Contact Form 7: from n/a through 1.0.6. | ||
| CVE-2025-30885 | Med | 0.31 | 4.7 | 0.00 | Mar 27, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Form bit-form allows Phishing.This issue affects Bit Form: from n/a through <= 2.18.0. | ||
| CVE-2025-30884 | Med | 0.31 | 4.7 | 0.00 | Mar 27, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Integrations bit-integrations allows Phishing.This issue affects Bit Integrations: from n/a through <= 2.4.10. | ||
| CVE-2025-30795 | Med | 0.31 | 4.7 | 0.00 | Mar 27, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Aman FunnelKit Automations wp-marketing-automations allows Phishing.This issue affects FunnelKit Automations: from n/a through <= 3.5.1. | ||
| CVE-2025-30781 | Med | 0.31 | 4.7 | 0.00 | Mar 27, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPFactory Scheduled & Automatic Order Status Controller for WooCommerce order-status-rules-for-woocommerce allows Phishing.This issue affects Scheduled & Automatic Order Status Controller for WooCommerce: from… | ||
| CVE-2025-28896 | Med | 0.31 | 4.7 | 0.00 | Mar 11, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akshar Soft Solutions AS English Admin as-english-admin allows Phishing.This issue affects AS English Admin: from n/a through <= 1.0.0. | ||
| CVE-2025-24741 | Med | 0.31 | 4.7 | 0.00 | Jan 27, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in LOGON KB Support kb-support.This issue affects KB Support: from n/a through <= 1.6.7. | ||
| CVE-2025-24740 | Med | 0.31 | 4.7 | 0.00 | Jan 27, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ThimPress LearnPress learnpress.This issue affects LearnPress: from n/a through <= 4.2.7.1. | ||
| CVE-2024-54255 | Med | 0.31 | 4.7 | 0.00 | Dec 9, 2024 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in aviplugins.com Login Widget With Shortcode login-sidebar-widget allows Phishing.This issue affects Login Widget With Shortcode: from n/a through <= 6.1.2. | ||
| CVE-2024-50463 | Med | 0.31 | 4.7 | 0.00 | Oct 28, 2024 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9. |
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form integrations-of-zoho-crm-with-elementor-form allows Phishing.This issue affects Integrations of Zoho CRM with Elementor form: from n/a through <=…
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms Zendesk gf-zendesk allows Phishing.This issue affects WP Gravity Forms Zendesk: from n/a through <= 1.1.2.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Salesforce woo-salesforce-plugin-crm-perks allows Phishing.This issue affects Integration for WooCommerce and Salesforce: from n/a through <= 1.7.5.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms Dynamics CRM gf-dynamics-crm allows Phishing.This issue affects WP Gravity Forms Dynamics CRM: from n/a through <= 1.1.4.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Heateor Support Sassy Social Share sassy-social-share allows Phishing.This issue affects Sassy Social Share: from n/a through <= 3.3.73.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Webilia Inc. Listdom listdom allows Phishing.This issue affects Listdom: from n/a through <= 4.0.0.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Arthur Yarwood Fast eBay Listings fast-ebay-listings allows Phishing.This issue affects Fast eBay Listings: from n/a through <= 2.12.15.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Phishing.This issue affects Ultimate WP Mail: from n/a through <= 1.3.10.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPWebinarSystem WebinarPress wp-webinarsystem allows Phishing.This issue affects WebinarPress: from n/a through <= 1.33.28.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Galaxy Weblinks WP Clone any post type wp-clone-any-post-type allows Phishing.This issue affects WP Clone any post type: from n/a through <= 3.6.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations Integration of Zoho CRM and Contact Form 7 allows Phishing. This issue affects Integration of Zoho CRM and Contact Form 7: from n/a through 1.0.6.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Form bit-form allows Phishing.This issue affects Bit Form: from n/a through <= 2.18.0.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bit Apps Bit Integrations bit-integrations allows Phishing.This issue affects Bit Integrations: from n/a through <= 2.4.10.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Aman FunnelKit Automations wp-marketing-automations allows Phishing.This issue affects FunnelKit Automations: from n/a through <= 3.5.1.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WPFactory Scheduled & Automatic Order Status Controller for WooCommerce order-status-rules-for-woocommerce allows Phishing.This issue affects Scheduled & Automatic Order Status Controller for WooCommerce: from…
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akshar Soft Solutions AS English Admin as-english-admin allows Phishing.This issue affects AS English Admin: from n/a through <= 1.0.0.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in LOGON KB Support kb-support.This issue affects KB Support: from n/a through <= 1.6.7.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ThimPress LearnPress learnpress.This issue affects LearnPress: from n/a through <= 4.2.7.1.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in aviplugins.com Login Widget With Shortcode login-sidebar-widget allows Phishing.This issue affects Login Widget With Shortcode: from n/a through <= 6.1.2.
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.9.