CVE-2025-39523
BaseFortify
Publication date: 2025-09-09
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| goodbarber | goodbarber | 1.0.26 |
| goodbarber | goodbarber | 1.0.27 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Open Redirection issue in the WordPress GoodBarber plugin up to version 1.0.26. It occurs because the plugin does not properly validate redirect URLs, allowing attackers to redirect users from a legitimate site to a malicious one. This can be exploited without authentication and may be used to facilitate phishing attacks by tricking users into visiting harmful websites. [1]
How can this vulnerability impact me? :
The vulnerability can impact you by enabling attackers to redirect your users to malicious websites, potentially leading to phishing attacks. This can harm your users' security and trust in your site. However, the vulnerability has a low severity rating and limited impact, with a CVSS score of 4.7. It is recommended to update the plugin to version 1.0.27 or later to mitigate this risk. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring HTTP requests for suspicious redirect parameters that lead to untrusted external URLs. You can look for URL parameters commonly used for redirection (e.g., 'redirect', 'url', 'next') in requests to the GoodBarber plugin endpoints and verify if they allow redirection to external domains. Commands such as using curl to test redirects or grep to search logs for redirect parameters can help. For example, you can use: curl -I 'https://yourdomain.com/path?redirect=http://malicious.com' to see if the redirect occurs. Additionally, searching web server logs with grep for redirect parameters can help identify potential exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the GoodBarber plugin to version 1.0.27 or later, where the issue is fixed. If updating immediately is not possible, applying virtual patching (vPatching) provided by Patchstack can serve as an interim protection to auto-mitigate the vulnerability before the official patch is applied. [1]