Security Advisory

CVE-2019-16220

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-09-11 13:06:57

Last updated 2024-08-21 16:00:10

Assigner mitre

State PUBLISHED

Description

In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp-includes/pluggable.php could lead to an open redirect if a provided URL path does not start with a forward slash.

← Browse all CVEs View on cve.org ↗