Описание
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | needed | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needed | |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE |
Показывать по
5.8 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash.
In WordPress before 5.2.3, validation and sanitization of a URL in wp_ ...
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect.
Уязвимость функции wp_validate_redirect системы управления содержимым сайта WordPress, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность
5.8 Medium
CVSS2
6.1 Medium
CVSS3