ThreatPress

WordPress Vulnerabilities Database

WordPress <=4.8.1 - Open redirect vulnerability (user and term edit screens)

Product
WordPress
Description
An open redirect vulnerability in the user and term edit screens of WordPress 4.8.1 and earlier versions, found by Yasin Soliman (ysx).
Solution
Update WordPress to the latest available version (at least 4.8.2).
Classification
Type: Open Redirection
OWASP Top 10: A10: Unvalidated Redirects and Forwards
References
WordPress 4.8.2 Security release page
CVE
Name: CVE-N/A
Versions
Affected In: <=4.8.1
Fixed In: 4.8.2
Disclosure date
2017-09-19
Credits
Yasin Soliman (ysx)
Submitter
ThreatPress