CVE-2026-25392

MEDIUM4.7

WordPress Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress plugin <= 1.4.0 - Open Redirection vulnerability

Published Feb 19, 2026

Modified 1 weeks ago

Details

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KaizenCoders Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress update-urls allows Phishing.This issue affects Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress: from n/a through <= 1.4.0.

References

WEB

https://patchstack.com/database/Wordpress/Plugin/update-urls/vulnerability/wordpress-update-urls-quick-and-easy-way-to-search-old-links-and-replace-them-with-new-links-in-wordpress-plugin-1-3-0-open-redirection-vulnerability?_s_id=cve

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2026-25392

CVSS Analysis

CVSS v3.1

4.7

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity