cbcvebase.
CVE-2024-6690
published 2025-05-15

CVE-2024-6690: The wccp-pro WordPress plugin before 15.3 contains an open-redirect flaw via the referrer parameter, allowing redirection of users to external sites

Priority: P2 (78) · Severity: medium, 6.1 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
ITW exploit: VulnCheck KEV (exploited in the wild)
EPSS: 0.47% (37.4th percentile)
Affected

1 range
Vendor: wp-buy
Product: wp_content_copy_protection_no_right_click
Version range: < 15.3
Fixed in: 15.3

Detection & IOCs (extracted from sources)

path: /wp-content/plugins/wccp-pro/no-js.php
url: {{BaseURL}}/wp-content/plugins/wccp-pro/no-js.php?referrer=https://oast.pro
  • Look for HTTP 302 redirect responses from /wp-content/plugins/wccp-pro/no-js.php with a Location header pointing to an external domain via the 'referrer' parameter.
  • The vulnerable parameter is 'referrer' in no-js.php of the wccp-pro WordPress plugin (versions before 15.3). Unauthenticated GET requests can trigger the open redirect.
  • Monitor for GET requests to /wp-content/plugins/wccp-pro/no-js.php with a 'referrer' query parameter containing an external URL, followed by a 302 response with a Location header to that external URL.
  • The open redirect is unauthenticated (no login required) and exploitable via a simple GET request; no special privileges or session are needed.
  • Only the 'Pro' variant of the plugin (wccp-pro) is affected, not the free version.
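As an added illustration of the monitoring rule above (not part of this record, the plugin, or any vendor tooling), the following Python detector scans Apache combined-format access log lines for GET requests to no-js.php whose referrer parameter names a host outside a caller-supplied list of the site's own hostnames and that were answered with a 302. The log lines and the trusted-host list are constructed for this example; the combined log format carries no Host header, so the site's hostnames must be supplied by the caller.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access log lines (Apache combined format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [15/May/2025:10:01:02 +0000] "GET /wp-content/plugins/wccp-pro/no-js.php?referrer=https://oast.pro HTTP/1.1" 302 0 "-" "curl/8.0"
203.0.113.7 - - [15/May/2025:10:01:03 +0000] "GET /wp-content/plugins/wccp-pro/no-js.php?referrer=https%3A%2F%2Fattacker.example%2Fphish HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.4 - - [15/May/2025:10:02:00 +0000] "GET /wp-content/plugins/wccp-pro/no-js.php?referrer=https://blog.example.org/post/1 HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.4 - - [15/May/2025:10:02:01 +0000] "GET /wp-content/plugins/wccp-pro/no-js.php?referrer=/some/page HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.9 - - [15/May/2025:10:03:00 +0000] "GET /index.php?referrer=https://oast.pro HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

VULN_PATH = "/wp-content/plugins/wccp-pro/no-js.php"
# Apache combined format: client, identd, user, [timestamp], "METHOD target proto", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def external_referrer(target, trusted_hosts):
    """Return the 'referrer' value if it is an absolute URL to a host outside trusted_hosts, else None."""
    parts = urlsplit(target)
    if parts.path != VULN_PATH:
        return None
    values = parse_qs(parts.query).get("referrer")  # parse_qs already percent-decodes
    if not values:
        return None
    ref = values[0]
    ref_host = urlsplit(ref).hostname
    # A relative path has no host and stays on-site; absolute and protocol-relative
    # ("//evil.example") URLs carry a host and are flagged unless that host is trusted.
    if ref_host is None or ref_host.lower() in trusted_hosts:
        return None
    return ref


def find_open_redirect_hits(log_text, trusted_hosts):
    """Flag GET requests to no-js.php with an external 'referrer' that the server answered with a 302."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET" or m["status"] != "302":
            continue
        ref = external_referrer(m["target"], trusted_hosts)
        if ref:
            hits.append({"ip": m["ip"], "ts": m["ts"], "referrer": ref, "host": urlsplit(ref).hostname})
    return hits


if __name__ == "__main__":
    # "blog.example.org" is the constructed site hostname considered trusted here.
    for hit in find_open_redirect_hits(SAMPLE_LOG, {"blog.example.org"}):
        print(f'{hit["ts"]} {hit["ip"]} redirected to {hit["host"]} ({hit["referrer"]})')
```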

CVSS provenance

nvd: v3.1, 6.1 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
vulncheck: 6.1 MEDIUM