Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WordPress GTranslate <2.8.11 - Open Redirect

By kannthu

Medium
Vidoc logoVidoc Module
#redirect#wordpress
Description

WordPress GTranslate <2.8.11 - Open Redirect

What is the "WordPress GTranslate <2.8.11 - Open Redirect?"

The "WordPress GTranslate <2.8.11 - Open Redirect" module is designed to detect an open redirect vulnerability in the GTranslate plugin for WordPress versions prior to 2.8.11. This vulnerability allows attackers to redirect users to malicious websites, potentially leading to phishing attacks or the installation of malware.

This module has a severity level of medium, indicating that it poses a moderate risk to the security of the affected WordPress websites.

The original author of this module is not specified.

Impact

An open redirect vulnerability in the GTranslate plugin can have serious consequences for website owners and users. Attackers can exploit this vulnerability to trick users into visiting malicious websites that may appear legitimate. This can result in the theft of sensitive information, such as login credentials or financial data, or the installation of malware on the user's device.

How the module works?

The "WordPress GTranslate <2.8.11 - Open Redirect" module works by sending a specific HTTP request to the vulnerable GTranslate plugin. The request includes a parameter that specifies the target URL for redirection. The module then checks the response from the server to determine if the redirection occurs and if it matches the expected behavior.

Here is an example of an HTTP request sent by the module:

GET /wp-content/plugins/gtranslate/url_addon/gtranslate.php?glang=en&gurl=/www.pluginvulnerabilities.com HTTP/1.1
Host: [target website]

The module includes two matching conditions to verify the presence of an open redirect vulnerability:

- The first condition checks if the server responds with a 301 status code, indicating a permanent redirect. - The second condition checks if the server includes a "Location" header in the response, with the value matching the expected redirect URL.

If both conditions are met, the module reports the presence of the open redirect vulnerability in the GTranslate plugin.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/wp-content/plugins/...
Matching conditions
word: Location: www.pluginvulnerabilities.comand
status: 301
Passive global matcher
No matching conditions.
On match action
Report vulnerability