Payment Gateway For Telcell
Monthly
The Payment Gateway for Telcell WordPress plugin through 2.0.1 does not validate the api_url parameter before redirecting the user to its value, leading to an Open Redirect issue. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Payment Gateway for Telcell WordPress plugin through 2.0.1 does not validate the api_url parameter before redirecting the user to its value, leading to an Open Redirect issue. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.