WordPress prior to 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote malicious users to bypass intended redirection restrictions via a crafted string.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wordpress wordpress |