Converter for Media – Optimize images | Convert WebP & AVIF, CVE-2021-25074
- CVE, Research URL
- Home page URL
-
Security reports for Converter for Media – Optimize images | Convert WebP & AVIF
- Published on
- -
- Research Description
- The WebP Converter for Media WordPress plugin before 4.0.3 contains a file (passthru.php) which does not validate the src parameter before redirecting the user to it, leading to an Open Redirect issue
- Affected versions
-
max 4.0.3.
- Status
-
vulnerable