Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wordpress wordpress 2.6 |