The WordPress Toolbar WordPress plugin through 2.2.6 redirects to any URL via the "wptbto" parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2024-01-29T14:44:16.273Z

Updated: 2024-08-02T08:28:21.816Z

Reserved: 2023-11-29T20:04:45.102Z

Link: CVE-2023-6389

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-29T15:15:09.410

Modified: 2024-11-21T08:43:45.890

Link: CVE-2023-6389

cve-icon Redhat

No data.