Primary

Context

Facebook for WooCommerce Open Redirect Vulnerability

Vulnerability

A URL redirection vulnerability allowing untrusted site redirects (open redirect) has been identified in the Facebook for WooCommerce plugin, affecting versions through 3.7.0. This vulnerability could be exploited for phishing attacks by redirecting users to malicious sites.

Impact

Exploitation of this vulnerability could lead to phishing incidents, as users could be redirected from a legitimate site to a malicious one.

Remediation

Users are advised to update the Facebook for WooCommerce plugin to the latest version. If unable to do so, consult with your hosting provider or web developer for assistance.

Added: May 28, 2026, 4:35 AM

Updated: May 28, 2026, 4:35 AM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.2

exploitability

6.4

remediation

0.0

relevance

9.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.2

exploitability

6.4

remediation

0.0

relevance

9.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Facebook for WooCommerce Open Redirect Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Facebook

Facebook for WooCommerce

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating