CVE-2025-49868
BaseFortify
Publication date: 2025-06-17
Last updated on: 2026-04-23
Assigner: Patchstack
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Open Redirection issue in the WordPress Automation By Autonami plugin (up to version 3.6.0). It occurs because the plugin does not properly validate redirect URLs, allowing attackers to redirect users from a legitimate site to a malicious one. This can be exploited to facilitate phishing attacks by tricking users into visiting harmful websites. [1]
How can this vulnerability impact me?
The vulnerability can impact you by enabling attackers to redirect your users to malicious websites, which can lead to phishing attacks. This can compromise user trust and potentially expose users to harmful content or credential theft. Although the severity is considered low, it still poses a risk of opportunistic automated attacks if not addressed. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this Open Redirection vulnerability involves monitoring for unexpected or suspicious URL redirections originating from the Automation By Autonami plugin (versions up to 3.6.0). Since the vulnerability allows redirecting users to untrusted sites without proper validation, you can look for HTTP requests or logs showing redirects to external or suspicious domains. Specific commands depend on your environment, but generally, you can use web server access logs or network traffic analysis tools. For example, using grep on web server logs to find redirect patterns: `grep -i 'Location: http' /var/log/apache2/access.log`, or using network monitoring tools like Wireshark to filter HTTP 3xx status codes with external URLs. Additionally, you can check the installed plugin version with WP-CLI: `wp plugin list | grep autonami` to verify whether the vulnerable version is installed. [1]
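The following is an added example, not code from the CVE record, from Patchstack, or from the Automation By Autonami plugin. It shows two things the answers above describe in prose: the kind of redirect-target allowlist check that closes a CWE-601 hole (a relative path or a URL on a trusted host is accepted; protocol-relative, backslash, scheme-less and foreign-host forms are rejected), and a scan of access-log lines for 3xx responses whose query string names an off-site target. One caveat worth knowing before grepping for `Location:`: the common Apache/nginx "combined" access-log format records the status code and request line but not the Location response header, so the scan keys on the status code plus the request's own redirect parameter. The host names, parameter names, log lines and the `redirect_to`/`return`/`url` parameter list are constructed for the example and are not the plugin's real parameter names; the version numbers 3.6.0 and 3.6.1 are the ones the record gives.

```python
"""Added example (not from the CVE record or the plugin): a CWE-601 style
redirect-target allowlist check, an access-log scan for off-site 3xx
redirects, and a plugin version check against the fixed release 3.6.1.
All hosts, log lines and parameter names below are constructed."""

import re
from urllib.parse import parse_qs, unquote, urlsplit

# Hosts this site may redirect to (assumption: a single-site install).
TRUSTED_HOSTS = {"shop.example", "www.shop.example"}

# Query parameters that commonly carry a redirect target (constructed list,
# not the plugin's actual parameter names).
REDIRECT_PARAMS = ("redirect", "redirect_to", "return", "url", "next")


def redirect_target_is_safe(target: str, trusted_hosts=TRUSTED_HOSTS) -> bool:
    """Accept only a site-relative path or an http(s) URL on a trusted host."""
    target = unquote(target).strip()
    # Browsers treat backslashes like slashes, so "/\evil.example" would
    # become protocol-relative; normalise before parsing.
    target = target.replace("\\", "/")
    parts = urlsplit(target)
    if parts.scheme == "" and parts.netloc == "":
        # Plain relative path; "//host" has a netloc and never reaches here.
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False  # javascript:, data:, protocol-relative, "https:host"
    host = (parts.hostname or "").lower()  # hostname ignores user@ prefixes
    return host in trusted_hosts


# Combined log format: client, identd, user, [time], "METHOD path proto", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def suspicious_redirects(log_lines, trusted_hosts=TRUSTED_HOSTS):
    """Return (client ip, request path, off-site target) for every 3xx
    response whose query string carries a redirect parameter that fails
    the allowlist check."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or not m.group("status").startswith("3"):
            continue
        query = urlsplit(m.group("path")).query
        params = parse_qs(query, keep_blank_values=True)  # values are decoded
        for name in REDIRECT_PARAMS:
            for value in params.get(name, []):
                if not redirect_target_is_safe(value, trusted_hosts):
                    hits.append((m.group("ip"), m.group("path"), value))
    return hits


def plugin_is_vulnerable(installed_version: str, fixed_version: str = "3.6.1") -> bool:
    """Numeric dotted-version comparison: anything below the fix is affected."""
    def key(v):
        return tuple(int(p) for p in re.findall(r"\d+", v))
    return key(installed_version) < key(fixed_version)


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [17/Jun/2025:10:01:02 +0000] "GET /cart/?redirect_to=%2Fcheckout HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.8 - - [17/Jun/2025:10:01:05 +0000] "GET /cart/?redirect_to=https%3A%2F%2Fevil.example%2Flogin HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [17/Jun/2025:10:01:09 +0000] "GET /cart/?redirect_to=%2F%2Fevil.example HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [17/Jun/2025:10:02:00 +0000] "GET /?url=https://evil.example/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.11 - - [17/Jun/2025:10:02:30 +0000] "GET /account/?return=https%3A%2F%2Fwww.shop.example%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, path, target in suspicious_redirects(SAMPLE_LOG):
        print(f"{ip} requested {path} -> off-site redirect target {target}")
    for v in ("3.6.0", "3.6.1"):
        state = "vulnerable" if plugin_is_vulnerable(v) else "fixed"
        print(f"Automation By Autonami {v}: {state}")
```

Run against real logs by replacing `SAMPLE_LOG` with the lines of your access log and `TRUSTED_HOSTS` with your site's host names; a 200 response with a suspicious parameter (the fourth sample line) is deliberately not flagged, because without a 3xx status no redirect was issued. The same `redirect_target_is_safe` check is what a plugin should apply before redirecting, which is the fix CWE-601 calls for.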
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the Automation By Autonami plugin to version 3.6.1 or later, where the vulnerability is fixed. If updating immediately is not possible, applying virtual patching solutions or auto-update options provided by Patchstack can offer temporary protection. Monitoring and restricting suspicious redirects can also help reduce risk. Since the vulnerability requires no authentication to exploit, timely updating is strongly recommended to prevent phishing attacks. [1]