CVE-2026-28106

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kings Plugins B2BKing Premium allows Phishing.This issue affects B2BKing Premium: from n/a before 5.4.20.

CVSS v3 4.7 MEDIUM

4.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://patchstack.com/database/wordpress/plugin/b2bking/vulnerability/wordpress-b2bking-premium-plugin-5-3-80-open-redirection-vulnerability?_s_id=cve

Configurations

No configuration.

History

22 Apr 2026, 21:27

Type	Values Removed	Values Added
Summary		(es) Redirección de URL a sitio no confiable ('Redirección abierta') vulnerabilidad en Kings Plugins B2BKing Premium permite Phishing. Este problema afecta a B2BKing Premium: desde n/a antes de 5.4.20.

09 Mar 2026, 08:16

Type	Values Removed	Values Added
Summary	~~(en) URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kings Plugins B2BKing Premium allows Phishing.This issue affects B2BKing Premium: from n/a through 5.3.80.~~	(en) URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kings Plugins B2BKing Premium allows Phishing.This issue affects B2BKing Premium: from n/a before 5.4.20.

06 Mar 2026, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-06 12:15

Updated : 2026-04-22 21:27

NVD link : CVE-2026-28106

Mitre link : CVE-2026-28106

CVE.ORG link : CVE-2026-28106

JSON object : View

Products Affected

No product.

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

4.7 /10