ThreatPress

WordPress Vulnerabilities Database

Back

WordPress <=4.9.4 - Use Safe Redirect for Login

Product
WordPress
Description
Use safe redirects when redirecting the login page if SSL is forced on WordPress versions 3.7-4.9.4
Solution
Update WordPress to the latest available version (at least 4.9.5).
Classification
Type Open Redirection
OWASP Top 10 A10: Unvalidated Redirects and Forwards
References
Security release information
CVE
Name CVE-N/A
Versions
Affected In <=4.9.4
Fixed In 4.9.5
Disclosure date
2018-04-05
Submitter
ThreatPress