Description
wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Quotes Collection Cross-Site Request Forgery (1.5.5.1)
PostgreSQL Other Vulnerability (CVE-2002-1398)
Jenkins Incorrect Authorization Vulnerability (CVE-2023-27903)
WordPress Plugin WP eCommerce 'cart_messages[]' Parameter Cross-Site Scripting (3.8.6)
WordPress Plugin Frontend File Manager Arbitrary File Upload (1.8)