CVE-2025-64250Open Redirect in Directorist

CWE-601Open Redirect4 documents4 sources
Severity
6.1MEDIUMNVD
EPSS
0.0%
top 89.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Wpwax Directorist
Timeline
PublishedDec 16

Description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wpWax Directorist directorist allows Phishing.This issue affects Directorist: from n/a through <= 8.6.6.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

CVEListV5wpwax/directorist8.6.6

🔴Vulnerability Details

2
GHSA
GHSA-jw7j-6gfh-6frg: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wpWax Directorist directorist allows Phishing2025-12-16
CVEList
WordPress Directorist plugin <= 8.6.6 - Open Redirection vulnerability2025-12-16

🕵️Threat Intelligence

1
Wiz
CVE-2025-64250 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-64250 — Open Redirect in Wpwax Directorist | cvebase