CVE-2024-13888 Scanner
CVE-2024-13888 Scanner - Open Redirect vulnerability in WPMobile.App
Short Info
Level: High
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 10 days 16 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -
WPMobile.App is a WordPress plugin that lets site owners build mobile apps from their WordPress websites. It simplifies creating native mobile apps by providing an interface that pulls content from the WordPress site into the app. It is commonly used by WordPress users who want to extend their website's presence to mobile platforms, and offers features such as app branding, push notifications, and monetization options. Many businesses and content creators rely on WPMobile.App to increase user engagement through mobile applications. The plugin is developed by wpappninja and can be installed from the WordPress plugin repository.
This vulnerability in WPMobile.App allows unauthenticated attackers to perform an open redirect through the 'redirect' parameter. The plugin does not properly validate the URL passed in this parameter, so a request can redirect the visitor to an external site of the attacker's choice. The attack is triggered by persuading a user to click a link that carries the redirect to a malicious site. The vulnerability affects all versions of the plugin up to and including version 11.56. Open redirect vulnerabilities are particularly dangerous because they lend themselves to phishing, luring victims to malicious websites through a link that appears to point at a trusted domain.
The vulnerability is triggered when an attacker crafts a URL whose 'redirect' parameter carries a malicious destination. For example, the parameter could be encoded to redirect users to a harmful site such as "http://oast.me", which could compromise their security if they are tricked into visiting it. The issue arises because the plugin does not adequately sanitize or validate the supplied URL, so any URL can be used as the redirection target. Attackers can exploit this flaw by embedding the redirect URL in links delivered through social engineering, leading users to unsafe locations. It could also be combined with other attacks, such as phishing, to further compromise the victim's security.
If exploited, this vulnerability allows attackers to redirect users to malicious websites. These websites could host phishing pages that trick users into entering sensitive information such as login credentials, personal data, or payment details. Attackers can also use the redirect to distribute malware or drive traffic to fraudulent websites. The impact is particularly severe where users trust links on the website, such as customer portals or authentication systems. Although the attacker gains no direct access to the site, they can significantly damage the site's reputation and user trust.
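As an added example, not code from this page, the scanner, or the WPMobile.App plugin, the Python below shows the allowlist check that closes an open redirect of this kind, together with a small triage pass over constructed access-log lines that flags requests whose 'redirect' parameter would have failed that check. In a WordPress plugin the idiomatic fix is to route the value through wp_safe_redirect() / wp_validate_redirect(), which applies the same host-allowlist idea; the hostnames, the "/some-page" endpoint path and the log lines here are constructed placeholders, and the check is written generally so it also covers protocol-relative, backslash and userinfo variants beyond the single absolute-URL case the text describes.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed allowlist: the hosts this site is willing to send users to.
ALLOWED_HOSTS = {"example.com", "www.example.com"}


def is_safe_redirect(candidate, allowed_hosts=ALLOWED_HOSTS):
    """Return True only if `candidate` keeps the user on an allowlisted host.

    Accepted: site-relative paths such as "/account?tab=1" and absolute http(s)
    URLs whose hostname is in `allowed_hosts`. Rejected: protocol-relative URLs
    ("//evil.example"), backslash variants browsers normalise to slashes
    ("/\\evil.example"), "https:evil.example" (no authority, but browsers supply
    one), non-http schemes such as javascript:, userinfo tricks
    ("http://example.com@evil.example/"), and any value containing whitespace
    or control characters, which a parser and a browser may read differently.
    """
    if not candidate:
        return False
    if any(ord(ch) < 0x21 or ord(ch) == 0x7F for ch in candidate):
        return False
    # Browsers treat "\" as "/" in http(s) URLs, so normalise before parsing
    # instead of trusting urlsplit's stricter reading of the raw string.
    normalised = candidate.replace("\\", "/")
    parts = urlsplit(normalised)
    if parts.scheme:
        if parts.scheme.lower() not in ("http", "https"):
            return False
        # parts.hostname drops userinfo and port and lower-cases the host;
        # it is None for "https:evil.example" because there is no authority.
        return parts.hostname is not None and parts.hostname in allowed_hosts
    if parts.netloc:
        # Scheme-less but with an authority: a protocol-relative URL.
        return False
    # Remaining case is a plain path; require exactly one leading "/" so that
    # "//evil.example" and "///evil.example" (browsers collapse the extra
    # slashes into an authority) cannot slip through.
    return normalised.startswith("/") and not normalised.startswith("//")


def redirect_target(candidate, fallback="/", allowed_hosts=ALLOWED_HOSTS):
    """Value a handler should actually redirect to: the candidate if it passes
    is_safe_redirect(), otherwise the site-local fallback."""
    return candidate if is_safe_redirect(candidate, allowed_hosts) else fallback


# Combined-log request line, e.g. "GET /some-page?redirect=... HTTP/1.1" 302
LOG_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')


def flag_unsafe_redirects(log_lines, allowed_hosts=ALLOWED_HOSTS, param="redirect"):
    """Triage aid: return (request_target, redirect_value) for every logged
    request whose `param` query value fails is_safe_redirect(). A hit shows the
    value was submitted, not that the server honoured it; confirm against the
    response status or Location header."""
    hits = []
    for line in log_lines:
        match = LOG_RE.search(line)
        if not match:
            continue
        target = match.group("target")
        # parse_qs percent-decodes, so "%2F%2Fevil.example" becomes "//evil.example".
        values = parse_qs(urlsplit(target).query, keep_blank_values=True).get(param, [])
        for value in values:
            if not is_safe_redirect(value, allowed_hosts):
                hits.append((target, value))
    return hits


# Constructed sample log lines; "/some-page" is a placeholder path, not the
# plugin's real endpoint.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Jan/2025:10:00:01 +0000] "GET /some-page?redirect=%2Faccount HTTP/1.1" 302 0',
    '198.51.100.8 - - [10/Jan/2025:10:00:02 +0000] "GET /some-page?redirect=%2F%2Fevil.example HTTP/1.1" 302 0',
    '198.51.100.9 - - [10/Jan/2025:10:00:03 +0000] "GET /some-page?redirect=http%3A%2F%2Foast.me HTTP/1.1" 302 0',
    '198.51.100.10 - - [10/Jan/2025:10:00:04 +0000] "GET /other-page HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for target, value in flag_unsafe_redirects(SAMPLE_LOG):
        print(f"unsafe redirect value {value!r} in request {target}")
```

The allowlist is deliberately a set of exact hostnames rather than a suffix match, because a suffix check such as `endswith("example.com")` would also accept "notexample.com". The log pass only reports that a suspicious value arrived; whether the server actually issued the redirect has to be confirmed from the response.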