Primary

Context

Payment Gateway for Telcell WordPress Plugin Open Redirect Vulnerability

Vulnerability

An open redirect vulnerability has been identified in the Payment Gateway for Telcell WordPress plugin, affecting versions through 2.0.1. The issue arises because the plugin does not properly validate the 'api_url' parameter before redirecting users, allowing for unauthorized redirection to arbitrary URLs.

Impact

Exploitation of this vulnerability allows for open redirection, where users can be sent to a malicious site without their knowledge.

Remediation

Users can update to Payment Gateway for Telcell WordPress plugin version 2.0.4 or later to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

7.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Payment Gateway for Telcell WordPress Plugin Open Redirect Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating