Description

wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter.

Remediation

References

CVE-2007-1599

Related Vulnerabilities

Oracle HTTP Server CVE-2021-2480 Vulnerability (CVE-2021-2480)

WordPress Plugin ULTIMATE TABLES SQL Injection (1.5)

MongoDb Use After Free Vulnerability (CVE-2019-2393)

Serendipity Other Vulnerability (CVE-2015-6968)

WordPress Plugin Advanced Custom Fields PRO Cross-Site Scripting (6.1.5)

Severity

Medium

Classification

CVE-2007-1599

Tags

Missing Update Known Vulnerabilities