Vendor
------
WordPress (http://www.wordpress.org).

Severity
--------
Moderate.

Dated
-----
03 March 2007.

Versions Affected
-----------------
All.

Issue
-----
The wp-login.php page redirects a user to an arbitrary page after a successful login when the redirect_to URL parameter is set. For example, if a user logs in successfully with his credentials on the following page

http://www.foo.com/wp-login.php?redirect_to=http://www.google.co.in

he will be redirected to www.google.co.in.

Impact
------
This can lead to credential theft. Cookie theft is also possible when coupled with some browser bugs.

Vendor Status
-------------
Reported on 03 March 2007. A fix will be made available in the next version.

--
MSG // http://www.metaeye.org
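
One way to constrain redirect_to to the site's own host, shown as an added example that is neither WordPress code nor the advisory author's. The function name safe_redirect_target, the fallback path /wp-admin/ and the sample inputs are assumptions made here for illustration; www.foo.com is the advisory's sample host.

```php
<?php
// Added example, not WordPress code. safe_redirect_target() and the fallback
// path are hypothetical; www.foo.com is the advisory's sample host.
function safe_redirect_target(string $requested, string $site_host,
                              string $fallback = '/wp-admin/'): string
{
    // Browsers treat "\" like "/", so normalise before parsing.
    $url = str_replace('\\', '/', trim($requested));
    // Reject empty values, embedded whitespace and control characters.
    if ($url === '' || preg_match('/[\x00-\x20\x7f]/', $url)) {
        return $fallback;
    }
    // "//host/path" is scheme-relative: parse it as an absolute URL.
    $parts = parse_url(strpos($url, '//') === 0 ? 'http:' . $url : $url);
    if ($parts === false) {
        return $fallback;
    }
    // Only http and https may appear as an explicit scheme.
    if (isset($parts['scheme'])
        && !in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return $fallback;
    }
    // An explicit host must be this site, compared exactly (no suffix match).
    if (isset($parts['host'])) {
        return strcasecmp($parts['host'], $site_host) === 0 ? $url : $fallback;
    }
    // No host: accept only a path rooted on this site.
    return $url[0] === '/' ? $url : $fallback;
}

// Constructed sample values for the redirect_to parameter.
$samples = [
    '/wp-admin/post.php',
    'http://www.foo.com/wp-admin/',
    'http://www.google.co.in',
    '//www.google.co.in/',
    '/\\www.google.co.in/',
    'http://www.foo.com@www.google.co.in/',
    'javascript:alert(1)',
];
foreach ($samples as $s) {
    printf("%-40s => %s\n", $s, safe_redirect_target($s, 'www.foo.com'));
}
```

Only the first two samples are returned unchanged; every other value resolves to the fallback path, so the post-login redirect stays on the site.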