Props to Ben Bidner of the WordPress Security Team for finding an open redirect issue in wp_validate_redirect().
XSS
Ben Bidner
No
2020-06-11 (about 2 years ago)
2020-06-13 (about 2 years ago)