CVE-2024-13888

7.2 HIGH

📋 TL;DR

The WPMobile.App WordPress plugin contains an open redirect vulnerability that allows unauthenticated attackers to redirect users to malicious websites. All WordPress sites using this plugin up to version 11.56 are affected. Attackers can exploit this by tricking users into clicking specially crafted links.

💻 Affected Systems

Products:
  • WPMobile.App WordPress plugin
Versions: All versions up to and including 11.56
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all WordPress installations with the vulnerable plugin enabled, regardless of WordPress version or configuration.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Users are redirected to phishing sites that steal credentials, financial information, or deliver malware, leading to account compromise, financial loss, or system infection.

🟠 Likely Case

Attackers use the redirect for phishing campaigns, credential harvesting, or delivering malicious content to users who trust the legitimate WordPress site.

🟢 If Mitigated

With proper user awareness training and web filtering, users avoid clicking suspicious links, limiting the attack's effectiveness to low-trust scenarios.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (clicking a link) but is technically simple for attackers to implement.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 11.57 or later

Vendor Advisory: https://plugins.trac.wordpress.org/changeset/3243366

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins > Installed Plugins.
3. Find the WPMobile.App plugin.
4. Click 'Update Now' if available, or manually update to version 11.57+.
5. Verify the plugin is active and functioning.

🔧 Temporary Workarounds

Disable vulnerable plugin
Scope: all
Temporarily deactivate the WPMobile.App plugin until patched.

Web Application Firewall rule
Scope: all
Block requests containing malicious redirect parameters.

🧯 If You Can't Patch

  • Implement strict Content Security Policy (CSP) headers to restrict redirect destinations (note that CSP constrains what resources a page may load; it does not block a server-issued HTTP 3xx redirect, so pair it with the WAF rule below)
  • Use a web application firewall to filter and block suspicious redirect parameters

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Plugins > Installed Plugins for WPMobile.App version 11.56 or lower

Check Version:

wp plugin list --name=wpappninja --field=version

Verify Fix Applied:

Confirm plugin version is 11.57 or higher in WordPress admin panel

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests with 'redirect' parameter containing external domains
  • Unusual redirect patterns in access logs

Network Indicators:

  • Outbound redirects to unexpected domains
  • Suspicious referrer patterns

SIEM Query:

web_access_logs WHERE url CONTAINS 'redirect=' AND url NOT CONTAINS 'wordpress.org' AND url NOT CONTAINS 'site_domain'

Replace 'site_domain' with your own site's hostname; the query is pseudo-syntax to adapt to your SIEM's query language.
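The log indicator above, turned into a small check over constructed combined-format access-log lines. This is an added example, not part of the advisory and not the plugin's own code: it pulls the redirect parameter out of each request, resolves where an HTTP redirect to that value would actually land (including protocol-relative, scheme-without-slashes and backslash variants), and flags targets outside the site's own domain or allowlist. The parameter name 'redirect', the host example.com and the allowlist are assumptions taken from the page's indicators and SIEM query, not the plugin's real parameter name.

```python
import re
from urllib.parse import parse_qs, urlsplit

SITE_HOST = "example.com"                     # assumption: the protected site's host
ALLOWED_HOSTS = {SITE_HOST, "wordpress.org"}  # allowlist mirroring the page's SIEM query
REDIRECT_PARAMS = ("redirect",)               # assumption: name taken from the page's log indicator

# Combined log format: ip ident user [time] "METHOD path HTTP/x" status ...
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')

# Constructed sample lines (not real traffic); the IPs are documentation ranges, .example is reserved.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Feb/2025:12:00:01 +0000] "GET /?redirect=https%3A%2F%2Fevil.example%2Flogin HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Feb/2025:12:00:02 +0000] "GET /?redirect=%2Fwp-admin%2F HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Feb/2025:12:00:03 +0000] "GET /?redirect=//example.com.evil.example/ HTTP/1.1" 302 0 "-" "curl/8.0"
198.51.100.9 - - [10/Feb/2025:12:00:04 +0000] "GET /?redirect=https://www.example.com/page HTTP/1.1" 302 0 "-" "curl/8.0"
192.0.2.7 - - [10/Feb/2025:12:00:05 +0000] "GET /wp-login.php HTTP/1.1" 200 1234 "-" "Mozilla/5.0"
""".splitlines()

def redirect_target_host(value):
    """Host a browser lands on after a Location: <value> redirect; None for a same-site relative path."""
    target = value.strip().replace("\\", "/")  # browsers treat backslashes as slashes
    parts = urlsplit(target)
    if parts.netloc:                            # https://host/..., //host/...
        return parts.hostname
    if parts.scheme in ("http", "https"):       # https:host/... also resolves to https://host/
        return urlsplit("//" + parts.path).hostname
    return None                                 # relative path: stays on this site

def is_external(host):
    """True unless host is the site itself, one of its subdomains, or an allowlisted host."""
    if host is None:
        return False
    return not any(host == a or host.endswith("." + a) for a in ALLOWED_HOSTS)

def find_external_redirects(lines):
    """Return (client_ip, status, target_host) for every request whose redirect param leaves the site."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                            # not a combined-format request line
        query = parse_qs(urlsplit(m.group("path")).query)   # parse_qs percent-decodes the values
        for name in REDIRECT_PARAMS:
            for value in query.get(name, []):
                host = redirect_target_host(value)
                if is_external(host):
                    hits.append((m.group("ip"), int(m.group("status")), host))
    return hits
```

Feeding it a real access log yields the client, response code and off-site host per hit; the `example.com.evil.example` line shows why the check compares whole domain labels rather than looking for the site name as a substring.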
