BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Advisory - Redirection Vulnerability in wp-login.php. Mar 20 2007 03:01PM
Metaeye SG (contact metaeye org)
Vendor
------
Wordpress (http://www.wordpress.org).

Severity
--------
Moderate.

Dated
-----
03 March 2007.

Versions Affected
-----------------
All.

Issue
-----

The wp-login.php page redirects a user to arbitrary page after
successful login by setting the redirect_to url parameter.

For example ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus