SECURITYVULNS:DOC:16419
Mar 22, 2007 - 12:00 a.m.

Advisory - Redirection Vulnerability in wp-login.php.

vulners.com

Vendor

Wordpress (http://www.wordpress.org).

Severity

Moderate.

Dated

03 March 2007.

Versions Affected

All.

Issue

The wp-login.php page redirects a user to an arbitrary page after a
successful login when the redirect_to URL parameter is set.

For example, if a user logs in successfully with their credentials
on the following page

http://www.foo.com/wp-login.php?redirect_to=http://www.google.co.in

they will be redirected to www.google.co.in.
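As an added example (not part of the advisory or of WordPress's own code), this is the kind of validation a login handler should apply to redirect_to before issuing the redirect. It assumes www.foo.com from the advisory's URL as the only allowed host, and it goes beyond the single case above by also rejecting the usual bypass forms: protocol-relative "//host", backslash variants, userinfo tricks and non-HTTP schemes.

```python
from urllib.parse import urlsplit

# Assumption: the blog's own host, taken from the advisory's example URL.
ALLOWED_HOSTS = {"www.foo.com"}


def is_safe_redirect(redirect_to: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only if redirect_to stays on an allowed host.

    Rejects the open redirect the advisory describes (an absolute URL to a
    foreign host) and the common bypasses: '//evil.com', '/\\evil.com',
    'http://www.foo.com@evil.com', 'javascript:' and similar schemes.
    """
    if not redirect_to:
        return False
    # Browsers treat '/\evil.com' like '//evil.com'; normalise before parsing.
    candidate = redirect_to.replace("\\", "/")
    # Control characters or spaces have no place in a redirect target.
    if any(ord(ch) <= 0x20 for ch in candidate):
        return False
    parts = urlsplit(candidate)
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return False
    if parts.netloc == "":
        # No authority component: accept only a plain site-relative path
        # such as '/wp-admin/', never '//...' or 'http:/...' forms.
        return candidate.startswith("/") and not candidate.startswith("//")
    # Absolute URL: the parsed hostname (not the raw netloc, which may carry
    # userinfo like 'www.foo.com@evil.com') must be one of ours.
    return (parts.hostname or "").lower() in allowed_hosts


def safe_redirect_target(redirect_to: str, default: str = "/wp-admin/") -> str:
    """The Location the login handler should actually send."""
    return redirect_to if is_safe_redirect(redirect_to) else default


if __name__ == "__main__":
    # The advisory's example: an absolute foreign URL must fall back to default.
    print(safe_redirect_target("http://www.google.co.in"))  # /wp-admin/
    print(safe_redirect_target("/wp-admin/post.php"))       # /wp-admin/post.php
```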

Impact

This can lead to credential theft. Cookie theft is also possible
when combined with some browser bugs.

Vendor Status

Reported on 03 March 2007. Fix will be made available in next version.


MSG // http://www.metaeye.org