CVE-2025-39404
WordPress Sassy Social Share plugin <= 3.3.73 - Open Redirection vulnerabilityURL Redirection to Untrusted Site ('Open Redirect') vulnerability in Heateor Support Sassy Social Share allows Phishing. This issue affects Sassy Social Share: from n/a through 3.3.73.
We have discovered 22,777 live websites that are affected by CVE-2025-39404.
Affected Software
| Product |  Sassy Social Share |
| Category | Wordpress Plugins |
| Vulnerable Domains | 22,777 live websites (100% of Sassy Social Share install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 0 versions ( less than 0.1% of all versions) |
Common Weakness Enumeration
CWE-601 URL Redirection to Untrusted Site ('Open Redirect')Details
- Published - Apr 24, 2025
- Updated - Apr 25, 2025
Credits
- Affan Ali - @MuslimFromPK (Patchstack Alliance) (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2025-39404 United States | 7,740 websites |
 France | 1,454 websites |
 Italy | 1,427 websites |
 Germany | 1,305 websites |
 GB | 876 websites |
 Spain | 788 websites |
 Russia | 759 websites |
 India | 747 websites |
 Brazil | 511 websites |
 Netherlands | 411 websites |
Website Distribution by TLD
Number of websites using CVE-2025-39404| .com | 10,274 websites |
| .ru | 1,338 websites |
| .org | 1,227 websites |
| .it | 1,044 websites |
| .net | 592 websites |
| .fr | 480 websites |
| .com.br | 442 websites |
| .de | 361 websites |
| .co.uk | 356 websites |
| .es | 312 websites |
Websites affected by CVE-2025-39404
Top websites that are affected by CVE-2025-39404. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ********.com | United States | *,*** | |
| ******.com | United States | **,*** | |
| ****************.com | United States | **,*** | |
| ***************.org | United States | **,*** | |
| **********.com | United States | **,*** | |
| ****.pt |  Portugal | **,*** | |
| *****************.com | United States | **,*** | |
| *****.app |  Bulgaria | **,*** | |
| ***.***.br | Brazil | **,*** | |
| **********.com | United States | **,*** |
FAQ
CVE-2025-39404 is URL Redirection to Untrusted Site ('Open Redirect') in Sassy Social Share
A total of 22,777 websites have been identified as vulnerable to CVE-2025-39404, based on global website indexing conducted by WebTechSurvey.
The Sassy Social Share is affected by the CVE-2025-39404 vulnerability.
Sassy Social Share versions up to and including 3.3.73 are vulnerable to CVE-2025-39404.