First published: Mon Jun 14 2021(Updated: )
The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.10 did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an Open Redirect issue.
Credit: contact@wpscan.com
Affected Software | Affected Version | How to fix |
---|---|---|
Posimyth The Plus Addons For Elementor | <4.1.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-24358 is a vulnerability in the Plus Addons for Elementor Page Builder WordPress plugin before version 4.1.10 that allows an attacker to perform an Open Redirect attack.
The severity of CVE-2021-24358 is medium with a CVSS score of 6.1.
CVE-2021-24358 affects the Plus Addons for Elementor Page Builder WordPress plugin before version 4.1.10.
To fix CVE-2021-24358, upgrade to version 4.1.10 or later of the Plus Addons for Elementor Page Builder WordPress plugin.
An Open Redirect attack is a vulnerability that allows an attacker to redirect a user to a malicious website, potentially leading to phishing attacks or the stealing of sensitive data.