Skip to main content

Open Redirect CVE-2026-39484

| EUVD-2026-20152 MEDIUM
URL Redirection to Untrusted Site (Open Redirect) (CWE-601)
2026-04-08 Patchstack GHSA-vvj2-j66f-h239
Open Redirect
4.7
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Apr 14, 2026 - 16:22 vuln.today
CVSS changed
Apr 14, 2026 - 16:22 NVD
4.7 (MEDIUM)
EUVD ID Assigned
Apr 08, 2026 - 08:45 euvd
EUVD-2026-20152
CVE Published
Apr 08, 2026 - 08:30 nvd
N/A

DescriptionNVD

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through < 7.0.00.

AnalysisAI

Open redirect vulnerability in Hide My WP Ghost WordPress plugin versions below 7.0.00 allows unauthenticated remote attackers to redirect users to arbitrary external websites, enabling phishing attacks. The vulnerability requires user interaction (clicking a malicious link) and affects the plugin's URL handling. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-39484 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy