CVE-2014-1750

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-1750
Open redirect vulnerability in nokia-mapsplaces.php in the Nokia Maps & Places plugin 1.6.6 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the href parameter to page/place.html. NOTE: this was originally reported as a cross-site scripting (XSS) vulnerability, but this may be inaccurate.

5.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://seclists.org/oss-sec/2014/q1/173 Exploit
http://seclists.org/oss-sec/2014/q1/181
http://www.securityfocus.com/bid/65226
https://plugins.trac.wordpress.org/browser/nokia-mapsplaces/trunk/nokia-mapsplaces.php?rev=841883
https://plugins.trac.wordpress.org/browser/nokia-mapsplaces/trunk/nokia-mapsplaces.php?rev=842384
http://seclists.org/oss-sec/2014/q1/173 Exploit
http://seclists.org/oss-sec/2014/q1/181
http://www.securityfocus.com/bid/65226
https://plugins.trac.wordpress.org/browser/nokia-mapsplaces/trunk/nokia-mapsplaces.php?rev=841883
https://plugins.trac.wordpress.org/browser/nokia-mapsplaces/trunk/nokia-mapsplaces.php?rev=842384
Configurations

Configuration 1 (hide)

cpe:2.3:a:nokia_maps_\&_places_project:nokia_maps_\&_places:1.6.6:*:*:*:*:wordpress:*:*
History

21 Nov 2024, 02:04

Type Values Removed Values Added
References () http://seclists.org/oss-sec/2014/q1/173 - Exploit () http://seclists.org/oss-sec/2014/q1/173 - Exploit
References () http://seclists.org/oss-sec/2014/q1/181 - () http://seclists.org/oss-sec/2014/q1/181 -
References () http://www.securityfocus.com/bid/65226 - () http://www.securityfocus.com/bid/65226 -
References () https://plugins.trac.wordpress.org/browser/nokia-mapsplaces/trunk/nokia-mapsplaces.php?rev=841883 - () https://plugins.trac.wordpress.org/browser/nokia-mapsplaces/trunk/nokia-mapsplaces.php?rev=841883 -
References () https://plugins.trac.wordpress.org/browser/nokia-mapsplaces/trunk/nokia-mapsplaces.php?rev=842384 - () https://plugins.trac.wordpress.org/browser/nokia-mapsplaces/trunk/nokia-mapsplaces.php?rev=842384 -
Information

Published : 2015-07-01 14:59

Updated : 2025-04-12 10:46

NVD link : CVE-2014-1750

Mitre link : CVE-2014-1750

CVE.ORG link : CVE-2014-1750

JSON object : View

Products Affected

nokia_maps_\&_places_project

  • nokia_maps_\&_places
CWE
NVD-CWE-Other