Description Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS. Remediation References CVE-2018-10100 Related Vulnerabilities WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.11) SharePoint CVE-2021-1707 Vulnerability (CVE-2021-1707) MySQL CVE-2016-5633 Vulnerability (CVE-2016-5633) WordPress Plugin Customer Reviews for WooCommerce Multiple Vulnerabilities (5.3.5) TCExam Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5749) Severity Medium Classification CVE-2018-10100 CWE-601 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities