CVE-2026-25392 PUBLISHED

WordPress Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress plugin <= 1.4.0 - Open Redirection vulnerability

Assigner: Patchstack
Reserved: 02.02.2026 Published: 19.02.2026 Updated: 19.02.2026

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KaizenCoders Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress update-urls allows Phishing.This issue affects Update URLs – Quick and Easy way to search old links and replace them with new links in WordPress: from n/a through <= 1.4.0.

Product Status

Vendor KaizenCoders
Product Update URLs &#8211; Quick and Easy way to search old links and replace them with new links in WordPress
Versions Default: unaffected
  • affected from n/a to <= 1.4.0 (incl.)

Credits

  • 0xd4rk5id3 | Patchstack Bug Bounty Program finder

References

Problem Types

  • URL Redirection to Untrusted Site ('Open Redirect') CWE

Impacts

  • Phishing