CVE-2024-47648 — Open Redirect in Eventprime

CWE-601 — Open Redirect3 documents3 sources

Severity

6.1MEDIUMNVD

EPSS

0.2%

top 61.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Theeventprime Eventprime Metagauss Eventprime

Timeline

PublishedOct 10

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Metagauss EventPrime eventprime-event-calendar-management.This issue affects EventPrime: from n/a through <= 4.0.4.5.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

▶CVEListV5metagauss/eventprime4.0.4.5

▶NVDtheeventprime/eventprime< 4.0.4.6

🔴Vulnerability Details

CVEList

WordPress EventPrime plugin <= 4.0.4.5 - Open Redirection vulnerability↗2024-10-10

▶

GHSA

GHSA-phj7-phjc-r9wg: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in EventPrime Events EventPrime↗2024-10-10

▶