CVE-2017-8875

CVE-2017-8875

EPSS 0.6%

CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://seclists.org/fulldisclosure/2017/May/23 https://wordpress.org/plugins/clean-login/#developers