CWE-601 (URL Redirection to Untrusted Site (Open Redirect)) — Vulnerability Class 712

712 vulnerabilities classified as CWE-601 (URL Redirection to Untrusted Site (Open Redirect)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-30953 | WordPress WP Gravity Forms Salesforce plugin <= 1.4.7 - Open Redirection Vulnerability — WP Gravity Forms Salesforce | 4.7 | Medium | 2025-06-06 |
| CVE-2025-30954 | WordPress WP Gravity Forms Constant Contact Plugin <= 1.1.0 - Open Redirection Vulnerability — WP Gravity Forms Constant Contact Plugin | 4.7 | Medium | 2025-06-06 |
| CVE-2025-49325 | WordPress Newspack Newsletters plugin <= 3.13.0 - Open Redirection Vulnerability — Newspack Newsletters | 4.7 | Medium | 2025-06-06 |
| CVE-2024-1440 | Open Redirection in Multiple WSO2 Products via Multi-Option Authentication Endpoint — WSO2 Identity Server | 5.4 | Medium | 2025-06-02 |
| CVE-2025-48936 | ZITADEL Allows Account Takeover via Malicious X-Forwarded-Proto Header Injection — zitadel | 8.1 | High | 2025-05-30 |
| CVE-2025-5256 | Open Redirect vulnerability on user unlock path — Mautic | 5.4 | Medium | 2025-05-28 |
| CVE-2025-5183 | Summer Pearl Group Vacation Rental Management Platform Header redirect — Vacation Rental Management Platform | 3.5 | Low | 2025-05-26 |
| CVE-2025-23183 | UBtech – CWE-601: URL Redirection to Untrusted Site ('Open Redirect') — Freepass | 6.1 | Medium | 2025-05-22 |
| CVE-2024-12561 | Affiliate Sales in Google Analytics and other tools <= 2.0.0 - Open Redirect — Affiliate Sales in Google Analytics and other tools | 6.1 | Medium | 2025-05-21 |
| CVE-2025-47854 | JetBrains TeamCity input validation error vulnerability — TeamCity | 4.3 | Medium | 2025-05-20 |
| CVE-2025-4838 | kanwangzjm Funiture Login LoginServlet.java doPost redirect — Funiture | 4.3 | Medium | 2025-05-17 |
| CVE-2025-32962 | Flask-AppBuilder open redirect vulnerability using HTTP host injection — Flask-AppBuilder | 4.3 | Medium | 2025-05-16 |
| CVE-2025-40630 | Open redirection vulnerability in IceWarp Mail Server — Icewarp Mail Server | 6.1 (AI) | Medium (AI) | 2025-05-16 |
| CVE-2025-47789 | Horilla Open Redirect Vulnerability in Login — horilla | 6.1 | Medium | 2025-05-15 |
| CVE-2025-30010 | Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit) — SAP Supplier Relationship Management (Live Auction Cockpit) | 6.1 | Medium | 2025-05-13 |
| CVE-2025-4513 | Catalyst User Key Authentication Plugin Logout logout.php redirect — User Key Authentication Plugin | 4.3 | Medium | 2025-05-10 |
| CVE-2025-46826 | insa-auth Open-Redirect on provided CAS server login endpoint — insa-auth | 5.3 (AI) | Medium (AI) | 2025-05-07 |
| CVE-2025-47644 | WordPress Integrations of Zoho CRM with Elementor form plugin <= 1.0.8 - Open Redirection Vulnerability — Integrations of Zoho CRM with Elementor form | 4.7 | Medium | 2025-05-07 |
| CVE-2025-47456 | WordPress WP Gravity Forms Zendesk plugin <= 1.1.2 - Open Redirection Vulnerability — WP Gravity Forms Zendesk | 4.7 | Medium | 2025-05-07 |
| CVE-2025-47455 | WordPress Integration for WooCommerce and Salesforce plugin <= 1.7.5 - Open Redirection Vulnerability — Integration for WooCommerce and Salesforce | 4.7 | Medium | 2025-05-07 |
| CVE-2025-47454 | WordPress WP Gravity Forms Dynamics CRM plugin <= 1.1.4 - Open Redirection Vulnerability — WP Gravity Forms Dynamics CRM | 4.7 | Medium | 2025-05-07 |
| CVE-2025-4328 | fp2952 spring-cloud-base HTTP Header MvcController.java sendBack redirect — spring-cloud-base | 3.5 | Low | 2025-05-06 |
| CVE-2025-4143 | Missing validation of redirect_uri on authorize endpoint | 6.1 (AI) | Medium (AI) | 2025-05-01 |
| CVE-2025-32970 | org.xwiki.platform:xwiki-platform-wysiwyg-api Open Redirect vulnerability — xwiki-platform | 6.1 | Medium | 2025-04-30 |
| CVE-2025-2068 | Lenovo Filez input validation error vulnerability — Client | 5.0 | Medium | 2025-04-25 |
| CVE-2025-39404 | WordPress Sassy Social Share plugin <= 3.3.73 - Open Redirection vulnerability — Sassy Social Share | 4.7 | Medium | 2025-04-24 |
| CVE-2020-36845 | KnowBe4 Security Awareness Training security vulnerability — Security Awareness Training | 5.3 | Medium | 2025-04-20 |
| CVE-2025-39597 | WordPress Fast eBay Listings plugin <= 2.12.15 - Open Redirection Vulnerability — Fast eBay Listings | 4.7 | Medium | 2025-04-16 |
| CVE-2025-39599 | WordPress Listdom plugin <= 4.0.0 - Open Redirection Vulnerability — Listdom | 4.7 | Medium | 2025-04-16 |
| CVE-2024-49706 | XSS in iKSORIS — iKSORIS | 6.1 (AI) | Medium (AI) | 2025-04-14 |

712 CVEs are classified as CWE-601 (URL Redirection to Untrusted Site (Open Redirect)). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.