WordPress 2013 TwentyThirteen theme version 5.0.3 suffers from an open redirection vulnerability.
17af8d808260cd382bb561a63cd216ad19865d85b01816a105f2f3c8c4691caa
####################################################################
# Exploit Title : WordPress 2013 TwentyThirteen Themes 5.0.3 Open
Redirection
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 15/01/2019
# Vendor Homepage : wordpress.org/themes/twentythirteen/
# Software Download Link :
downloads.wordpress.org/theme/twentythirteen.2.7.zip
# Affected Versions : 2.7 and 5.03
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Vulnerability Type : CWE-601 [ URL Redirection to Untrusted Site ('Open
Redirect') ]
####################################################################
# Impact :
*********
* This web application called as WordPress 2013 TwentyThirteen Themes 2.7
and 5.0.3 versions
accepts a user-controlled input that specifies a link to an external site,
and uses that link in a Redirect.
This simplifies phishing attacks.
* An http parameter may contain a URL value and could cause the web
application to redirect
the request to the specified URL. By modifying the URL value to a malicious
site, an attacker may
successfully launch a phishing scam and steal user credentials. Because the
server name in the
modified link is identical to the original site, phishing attempts have a
more trustworthy appearance.
####################################################################
# Open Redirection Exploit :
****************************
/wp-content/themes/twentythirteen/redirect.php?click=bg&url=https://
[REDIRECTION.gov]
####################################################################
# Example Vulnerable Sites :
**************************
[+]
axrtbeatsi.ga/wp-content/themes/twentythirteen/redirect.php?click=bg&url=https://packetstormsecurity.com/
[+]
frisbeegolfradat.fi/wp-content/themes/twentythirteen/redirect.php?click=bg&url=https://packetstormsecurity.com/
####################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
####################################################################