Medium
CVSS 6.1
Overview
The Payment Gateway for Telcell WordPress plugin through 2.0.1 does not validate the api_url parameter before redirecting the user to its value, leading to an Open Redirect issue
CVE-2023-6786
The Payment Gateway for Telcell WordPress plugin through 2.0.1 does not validate...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 6.1 (MEDIUM)
- Detected tags: redirect, wordpress (tag impact: LOW)
Recommended actions:
- Prioritize remediation based on business criticality and exposure.
- Limit exposure and increase monitoring until fixed.