CVE-2015-5461
NONE EPSS 92.7%
Published Jul 8, 201510y ago · Modified Jun 17, 20262w ago
Published Jul 8, 2015 10y ago
Last Modified Jun 17, 2026 2w ago
Description
Open redirect vulnerability in the Redirect function in stageshow_redirect.php in the StageShow plugin before 5.0.9 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
Threat Intelligence
EPSS Exploit Probability
92.7% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| stageshow_project | stageshow | * | ≤5.08 |
References 6
- packetstormsecurity.com http://packetstormsecurity.com/files/132553/WordPress-StageShow-5.0.8-Open-Redirect.html
- seclists.org http://seclists.org/fulldisclosure/2015/Jul/27
- securityfocus.com http://www.securityfocus.com/bid/75552
- plugins.trac.wordpress.org https://plugins.trac.wordpress.org/changeset/1165310/
- wordpress.org https://wordpress.org/plugins/stageshow/changelog/
- wpvulndb.com https://wpvulndb.com/vulnerabilities/8073
Remediation
- wordpress.org https://wordpress.org/plugins/stageshow/changelog/