CVE Database · CVE-2018-10100
CVSS v3.1
N/A
EPSS
3.40%
Published
Apr 16, 2018
Modified
Nov 21, 2024
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.
Weaknesses (CWE)
Affected Products (3)
References (16)
