PT-2024-14949 · WordPress · Wordpress Toolbar

Daniel Ruf · Published 2024-01-29 · Updated 2024-02-03 · CVE-2023-6389

CVSS v3.1: 6.1 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions: WordPress Toolbar WordPress plugin versions 2.2.6 and earlier

Description: The issue allows unauthenticated attackers to redirect users to potentially malicious sites by tricking them into performing an action. This is achieved via the wptbto parameter, which can redirect to any URL.

Recommendations: For WordPress Toolbar WordPress plugin versions 2.2.6 and earlier, consider disabling the redirect functionality related to the wptbto parameter until a patch is available. Restrict access to the plugin's functionality to minimize the risk of exploitation. Avoid using the wptbto parameter in the affected plugin until the issue is resolved.
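A host allow-list check of the kind these recommendations call for, as an added example that is not the plugin's own code: the function name validate_redirect_target and the host blog.example are assumptions. WordPress itself ships the equivalent in wp_validate_redirect() and wp_safe_redirect(), which accept the site's own host plus any added through the allowed_redirect_hosts filter.

```php
<?php
// Added example (not the plugin's code): vet a user-supplied redirect
// target, such as a wptbto value, before issuing a Location header.

/**
 * Return $location if it is a safe redirect target, otherwise $fallback.
 * Safe means: a relative path on this site, or an http(s) URL whose host
 * is in $allowed_hosts. Protocol-relative and backslash-prefixed forms
 * ("//host", "/\host") are refused because browsers treat them as a new host.
 */
function validate_redirect_target(string $location, array $allowed_hosts, string $fallback = '/'): string
{
    $location = trim($location);
    if ($location === '') {
        return $fallback;
    }
    // Control characters and embedded whitespace can smuggle headers or confuse parsers.
    if (preg_match('/[\x00-\x20\x7f]/', $location)) {
        return $fallback;
    }
    // Two leading slashes/backslashes in any combination: protocol-relative URL.
    if (preg_match('#^[/\\\\]{2}#', $location)) {
        return $fallback;
    }
    $parts = parse_url($location);
    if ($parts === false) {
        return $fallback;
    }
    // No scheme and no host: a path on the current site, which is safe.
    if (!isset($parts['scheme']) && !isset($parts['host'])) {
        return $location;
    }
    $scheme = strtolower($parts['scheme'] ?? '');
    if (!in_array($scheme, ['http', 'https'], true) || !isset($parts['host'])) {
        return $fallback;
    }
    // Compare the real host (parse_url separates "user@" info from it), case-insensitively.
    $host = strtolower($parts['host']);
    if (!in_array($host, array_map('strtolower', $allowed_hosts), true)) {
        return $fallback;
    }
    return $location;
}

// Constructed inputs; 'blog.example' stands in for the site's own host.
$allowed = ['blog.example'];
foreach (['/wp-admin/', 'https://blog.example/page?x=1', 'https://evil.example/',
          '//evil.example', 'javascript:alert(1)', 'https://blog.example@evil.example/'] as $c) {
    printf("%-40s -> %s\n", $c, validate_redirect_target($c, $allowed));
}
```

Only the first two candidates come back unchanged; every other one falls back to "/".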

Weakness Enumeration: Open Redirect

Related Identifiers: CVE-2023-6389

Affected Products: Wordpress Toolbar