CVE-2015-10104

CVSS V2 None CVSS V3 None

Description

A vulnerability, which was classified as problematic, has been found in Icons for Features Plugin 1.0.0 on WordPress. Affected by this issue is some unknown functionality of the file classes/class-icons-for-features-admin.php. The manipulation of the argument redirect_url leads to open redirect. The attack may be launched remotely. Upgrading to version 1.0.1 is able to address this issue. The name of the patch is 63124c021ae24b68e56872530df26eb4268ad633. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227756.

Overview

CVE ID
CVE-2015-10104

Assigner
cna@vuldb.com

Vulnerability Status
Received

Published Version
2023-04-30T21:15:30

Last Modified Date
2023-04-30T21:15:30

Weakness Enumerations

CWE	URL
CWE-601	http://cwe.mitre.org/data/definitions/601.html

References

Reference URL	Reference Tags
https://github.com/wp-plugins/icons-for-features/commit/63124c021ae24b68e56872530df26eb4268ad633
https://github.com/wp-plugins/icons-for-features/releases/tag/1.0.1
https://vuldb.com/?ctiid.227756
https://vuldb.com/?id.227756

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2015-10104
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-10104

History

Created	Old Value	New Value	Data Type	Notes
2023-04-30 22:00:53				Added to TrackCVE
2023-04-30 22:00:54			Weakness Enumeration	new