Description

wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter.

Remediation

References

CVE-2007-1599

Related Vulnerabilities

WordPress Plugin Quotes Collection Cross-Site Request Forgery (1.5.5.1)

PostgreSQL Other Vulnerability (CVE-2002-1398)

Jenkins Incorrect Authorization Vulnerability (CVE-2023-27903)

WordPress Plugin WP eCommerce 'cart_messages[]' Parameter Cross-Site Scripting (3.8.6)

WordPress Plugin Frontend File Manager Arbitrary File Upload (1.8)

Severity

Medium

Classification

CVE-2007-1599

Tags

Missing Update Known Vulnerabilities