WordPress 5.2.2 - Potential Open Redirect



Description
According to the WordPress release notes:

"Props to Tim Coen for disclosing an issue where validation and sanitization of a URL could lead to an open redirect."

Affects WordPress

Fixed in version 5.2.3

References

CVE 2019-16220
URL https://wordpress.org/news/2019/09/wordpress-5-2-3-security-and-maintenance-release/
URL https://github.com/WordPress/WordPress/commit/c86ee39ff4c1a79b93c967eb88522f5c09614a28

Classification

Type REDIRECT
CWE CWE-601

Miscellaneous

Original Researcher Tim Coen
Views 22502
Verified No
WPVDB ID 9863

Timeline

Publicly Published 2019-09-05 (2 months ago)
Added 2019-09-05 (2 months ago)
Last Updated 2019-09-11 (2 months ago)
