WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Vulnerabilities

WP < 6.0.3 - Open Redirect via wp_nonce_ays

Description

WordPress does not validate the URL to redirect the user to when displaying the nonce error via wp_nonce_ays(), which could lead to an Open Redirect issue

Affects WordPress

6.0.2
Fixed in version 6.0.3
6.0.1
Fixed in version 6.0.3
6.0
Fixed in version 6.0.3
5.9.4
Fixed in version 5.9.5
5.9.3
Fixed in version 5.9.5
5.9.2
Fixed in version 5.9.5
5.9.1
Fixed in version 5.9.5
5.9
Fixed in version 5.9.5
5.8.5
Fixed in version 5.8.6
5.8.4
Fixed in version 5.8.6

References

URL
https://wordpress.org/news/2022/10/wordpress-6-0-3-security-release/
URL
https://github.com/WordPress/wordpress-develop/commit/506eee125953deb658307bb3005417cb83f32095

Classification

Type

REDIRECT

OWASP top 10
A1: Injection
CWE
CWE-601

Miscellaneous

Original Researcher

devrayn

Verified

Yes

WPVDB ID
926cd097-b36f-4d26-9c51-0dfab11c301b

Timeline

Publicly Published

2022-10-17 (about 3 months ago)

Added

2022-10-19 (about 3 months ago)

Last Updated

2022-10-19 (about 3 months ago)

Our Other Services

WPScan WordPress Security Plugin