CVE-2018-10100

Description

Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.

Affected packages (3)

• Debian/wordpressfrom 0, < 4.9.5+dfsg1-1
• Debian/wordpressfrom 0, < 3.6.1+dfsg-1~deb7u21
• Debian/wordpressfrom 0, < 4.1+dfsg-1+deb8u17

CVSS scores

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2018-10100