Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3433

The Advanced Advertising System plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.3.1. This is due to insufficient validation on the redirect url supplied via the 'redir' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

Published

2025-04-08T09:15:28.943

Last Modified

2025-04-08T18:13:53.347

Status

Awaiting Analysis

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-601

Affected Vendors & Products

References

https://plugins.trac.wordpress.org/browser/advanced-advertising-system/trunk/shortcode.php#L165 ([email protected])
https://www.wordfence.com/threat-intel/vulnerabilities/id/72a56589-9dc0-47a7-bb68-e31f84a639ee?source=cve ([email protected])