Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
WordPress Plugin Daily Inspiration Generator Open Redirect (2.0) - Vulnerability Database

WordPress Plugin Daily Inspiration Generator Open Redirect (2.0)

Description

WordPress Plugin Daily Inspiration Generator is prone to an open redirect vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue may allow attackers to redirect users to arbitrary web sites and conduct phishing attacks; other attacks are also possible. WordPress Plugin Daily Inspiration Generator version 2.0 is vulnerable; prior versions may also be affected.

Remediation

Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available

References

https://codevigilant.com/disclosure/wp-plugin-daily-inspiration-generator-a10-unvalidated-redirects-and-forwards/

Related Vulnerabilities

WordPress Plugin WPtouch Open Redirect (3.4.9) High
Common tags: Missing Update URL Redirection
WordPress Plugin Qode Instagram Widget (embeded in Bridge-Creative Multi-Purpose WordPress Theme) Open Redirect (2.0.1) High
Common tags: Missing Update URL Redirection
WordPress Plugin WP Symposium Open Redirect (13.12) High
Common tags: Missing Update URL Redirection
WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Open Redirect (2.0.19) High
Common tags: Missing Update URL Redirection
WordPress Plugin Feed Statistics Open Redirect (3.0) High
Common tags: Missing Update URL Redirection

Severity

High

Classification

CWE-601
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update
URL Redirection