AOH :: HP Unsorted W :: TB10026.HTM

wp-login Redirection Vulnerability in wp-login.php.



Advisory - Redirection Vulnerability in wp-login.php.
Advisory - Redirection Vulnerability in wp-login.php.



Vendor
------
Wordpress (http://www.wordpress.org). 

Severity
--------
Moderate.

Dated
-----
03 March 2007.

Versions Affected
-----------------
All.

Issue
-----

The wp-login.php page redirects a user to arbitrary page after
successful login by setting the redirect_to url parameter.

For example if a user logins successfully with his credentials
on the following page

http://www.foo.com/wp-login.php?redirect_to=http://www.google.co.in 

He will be redirected to www.google.co.in. 

Impact
------

This can lead to credentials stealing. Also cookie stealing
is possible coupled with some browser bugs.

Vendor Status
-------------
Reported on 03 March 2007. Fix will be made available in next version.

--
MSG // http://www.metaeye.org 


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.