CVE-2026-1296: Frontend Post Submission Manager Lite <= 1.2.7 - Open Redirect
漏洞描述
The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Open Redirection in all versions up to, and including, 1.2.7 due to insufficient validation on the 'requested_page' POST parameter in the verify_username_password function. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action such as clicking on a link. [已公开] id: CVE-2026-1296 info: name: Frontend Post Submission Manager Lite <= 1.2.7 - Open Redirect author: Shivam Kamboj severity: medium description: | The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Open Redirection in all versions up to, and including, 1.2.7 due to insufficient validation on the 'requested_page' POST parameter in the verify_username_password function. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action such as clicking on a link. impact: | Unauthenticated attackers can redirect users to malicious sites, potentially leading to phishing or malware exposure. remediation: | Update to a ve
FOFA 语句
暂无
影响范围
Frontend Post Submission Manager Lite
漏洞详情
POC:
已公开
修复建议
暂无