WPtouch <= 3.6.6 - Unvalidated Open Redirect



Proof of Concept
http://www.example.com/?wptouch_switch=mobile&redirect=http%3A%2F%2Fdomain[.com]

Affects Plugin

fixed in version 3.7

References

URL https://wordpress.org/plugins/wptouch/changelog/

Classification

Type REDIRECT
CWE CWE-601

Miscellaneous

Submitter ethicalhack3r
Submitter Website https://dewhurstsecurity.com/
Submitter Twitter ethicalhack3r
Views 4485
Verified No
WPVDB ID 7837

Timeline

Publicly Published 2015-01-29 (over 5 years ago)
Added 2015-03-09 (over 5 years ago)
Last Updated 2019-10-21 (9 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin