CVE-2012-6499

NUCLEI

Age Verification < 0.4 - Improper Input Validation

Title source: rule

Description

Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect_to parameter.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Gianluca Brindisi · textwebappsphp

https://www.exploit-db.com/exploits/18350

View Code ZIP pw:eip

exploitdb WRITEUP VERIFIED

by Gianluca Brindisi · textwebappsphp

https://www.exploit-db.com/exploits/36540

View Code ZIP pw:eip

Nuclei Templates (1)

WordPress Plugin Age Verification v0.4 - Open Redirect

MEDIUMby ctflearner

References (3)

[Exploit] http://www.exploit-db.com/exploits/18350

[Third Party Advisory, VDB Entry] http://www.osvdb.org/82584

[Exploit] http://www.securityfocus.com/bid/51357

Scores

EPSS 0.4640

EPSS Percentile 97.7%

Details

CWE

CWE-20

Status published

Products (1)

age_verification_project/age_verification < 0.4

Published Jan 12, 2013

Tracked Since Feb 18, 2026