Description

wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter.

Remediation

References

CVE-2007-1599

Related Vulnerabilities

Oracle Database Server CVE-2008-0341 Vulnerability (CVE-2008-0341)

Ruby Resource Management Errors Vulnerability (CVE-2008-3656)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4300)

WordPress Plugin Gallery-Flagallery Photo Portfolio 'skin' Parameter Cross-Site Scripting (1.72)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-3267)

Severity

Medium

Classification

CVE-2007-1599

Tags

Missing Update Known Vulnerabilities