CVE-2017-2217

State: PUBLISHED · Published: 2017-07-07 · Updated: 2024-08-05 · Assigner: jpcert

Description

Open redirect vulnerability in WordPress Download Manager prior to version 2.9.51 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CWE

(none)

Affected

W3 Eden, Inc. / WordPress Download Manager — v=prior to version 2.9.51 [affected]

CVSS

(none)

References

https://plugins.trac.wordpress.org/changeset/1650075/ x_refsource_CONFIRM
https://jvn.jp/en/jp/JVN79738260/index.html third-party-advisory, x_refsource_JVN
https://wordpress.org/plugins/download-manager/#developers x_refsource_CONFIRM

Source

cvelistV5-main/cves/2017/2xxx/CVE-2017-2217.json