CVE-2007-1599
wordpress - several vulnerabilities
EPSS 1.4%
Description
wp-login.php in WordPress allows remote attackers to redirect authenticated users to other websites and potentially obtain sensitive information via the redirect_to parameter.
How to fix CVE-2007-1599
To remediate CVE-2007-1599, upgrade the affected package to a fixed version below.
- Debian/wordpress—upgrade to 2.2.2-1 or later
- Debian/wordpress—upgrade to 2.0.10-1etch3 or later
Is CVE-2007-1599 being exploited?
Low — EPSS is 1.4%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2.2.2-1
- from 0, < 2.0.10-1etch3