The Events Calendar <= 4.1.1 - Open Redirect


Description
The problem is located in the "tribe-bar-view" parameter, which can be used to redirect a user to an arbitrary website.

Timeline
* 2016-04-04 : Initial contact with Modern Tribe
* 2016-04-05 : Modern Tribe confirms the report
* 2016-04-07 : Modern Tribe publishes a new version (4.1.1.1) that resolves the issue

Proof of Concept
1. Navigate to a website using the Events Calendar.

2. Send a POST request to the URL with the following body:
   tribe-bar-view=http://www.evil.com&submit-bar=Find+Events

3. The web browser will be redirected to www.evil.com.
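As an added defensive illustration (not code from the plugin or from the referenced fixing commit), the Python check below accepts only same-site redirect targets and is run against the proof-of-concept body above; `SITE_HOST`, `safe_redirect_target` and `redirect_for_request` are assumed names.

```python
from urllib.parse import parse_qs, urlsplit, urlunsplit

# Assumed host of the site running the plugin (constructed value).
SITE_HOST = "events.example.org"

# The POST body from the proof of concept on this page.
POC_BODY = "tribe-bar-view=http://www.evil.com&submit-bar=Find+Events"


def safe_redirect_target(candidate, site_host=SITE_HOST, default="/"):
    """Return `candidate` as a site-relative path if it stays on `site_host`,
    otherwise `default`. This is the check the unvalidated redirect lacks."""
    if not candidate:
        return default
    # Some browsers treat backslashes as slashes ("/\\evil.com"), so
    # normalise before parsing.
    candidate = candidate.replace("\\", "/")
    parts = urlsplit(candidate)
    # Only http(s) is acceptable; reject javascript:, data:, etc.
    if parts.scheme and parts.scheme not in ("http", "https"):
        return default
    # Absolute ("http://www.evil.com") or scheme-relative ("//www.evil.com")
    # URL whose authority is not exactly our host (userinfo/port included).
    if parts.netloc and parts.netloc.lower() != site_host.lower():
        return default
    # Relative target must be a single-slash path: "/events/" is fine,
    # "evil.com/x" and "//x" are not.
    path = parts.path or "/"
    if not path.startswith("/") or path.startswith("//"):
        return default
    # Re-emit without scheme or host so neither is ever attacker-chosen.
    return urlunsplit(("", "", path, parts.query, ""))


def redirect_for_request(body, site_host=SITE_HOST):
    """Parse a form body like the PoC and decide where the view may redirect."""
    fields = parse_qs(body)
    view = fields.get("tribe-bar-view", [""])[0]
    return safe_redirect_target(view, site_host)


if __name__ == "__main__":
    # The PoC value is an external host, so the redirect falls back to "/".
    print(redirect_for_request(POC_BODY))
```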

Affects

Plugin the-events-calendar
fixed in version 4.1.1.1

References

URL https://github.com/moderntribe/the-events-calendar/commit/9b945d4c4df8c4f3fa35726aa64bbf6c08b9e3a9#diff-eb6b6c90251ab33cee784713c451e6d8R314

Classification

Type REDIRECT
OWASP Top 10 A10: Unvalidated Redirects and Forwards
CWE CWE-601

Miscellaneous

Submitter Paul Mynarsky
Submitter Website https://www.outpost24.com/
Submitter Twitter https://twitter.com/outpost24
Views 356
Verified No
WPVDB ID 8471

Timeline

Publicly Published 2016-04-25
Added 2016-04-26
Last Updated 2016-08-21

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.