Unvalidated Redirection Vulnerability in WordPress Login Page (pre-4.9.5)

Unvalidated Redirection Vulnerability in WordPress Login Page (pre-4.9.5)

CVE-2018-10100 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.

Learn more about our Wordpress Pen Testing.