A vulnerability has been discovered in WordPress before 4.7.3 (wp-includes/pluggable.php) that certain control characters can trick redirect URL validation.
A vulnerability has been discovered in WordPress before 4.7.3 (wp-includes/pluggable.php) that certain control characters can trick redirect URL validation.
https://github.com/WordPress/WordPress/commit/288cd469396cfe7055972b457eb589cea51ce40e