CVE-2025-54681

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Connector for Gravity Forms and Google Sheets allows Phishing. This issue affects Connector for Gravity Forms and Google Sheets: from n/a through 1.2.4.

CVSS v3 4.7 MEDIUM

4.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://patchstack.com/database/wordpress/plugin/wp-gravity-forms-spreadsheets/vulnerability/wordpress-connector-for-gravity-forms-and-google-sheets-plugin-plugin-1-2-4-open-redirection-vulnerability?_s_id=cve

Configurations

No configuration.

History

14 Aug 2025, 13:11

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad de redirección de URL a un sitio no confiable ('Open Redirect') en CRM Perks Connector for Gravity Forms and Google Sheets permite el phishing. Este problema afecta a Connector for Gravity Forms and Google Sheets: desde n/d hasta la versión 1.2.4.

14 Aug 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-14 11:15

Updated : 2025-08-14 13:11

NVD link : CVE-2025-54681

Mitre link : CVE-2025-54681

CVE.ORG link : CVE-2025-54681

JSON object : View

Products Affected

No product.

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

4.7 /10