PT-2007-2981 · WordPress · Wordpress
Publicado
2007-03-22
·
Atualizado
2018-10-16
·
CVE-2007-1599
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
WordPress (affected versions not specified)
Description
The issue allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information. This is achieved via the
redirect to parameter in the 'wp-login.php' page.Recommendations
For all affected versions, consider restricting access to the 'wp-login.php' page until a fix is available. As a temporary workaround, avoid using the
redirect to parameter in the 'wp-login.php' page to minimize the risk of exploitation.Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Wordpress