B2BKing Premium Can Redirect Users to Phishing Sites

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

4.7

B2BKing Premium Can Redirect Users to Phishing Sites

CVE-2026-28106

Summary

A weakness in B2BKing Premium allows attackers to trick users into visiting fake websites. This affects all versions of B2BKing Premium prior to 5.4.20. Update to version 5.4.20 or later to fix this issue.

Original title

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kings Plugins B2BKing Premium allows Phishing.This issue affects B2BKing Premium: from n/a before 5.4.20.

Original description

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kings Plugins B2BKing Premium allows Phishing.This issue affects B2BKing Premium: from n/a before 5.4.20.

nvd CVSS3.1 4.7

Vulnerability type

CWE-601 Open Redirect

https://patchstack.com/database/wordpress/plugin/b2bking/vulnerability/wordpress...

Published: 6 Mar 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026