SYM_PHP_0053 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
URL Redirection to Untrusted Site ('Open Redirect')
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-601: URL Redirection to Untrusted Site ('Open Redirect') |
| OWASP | A05:2021 - Security Misconfiguration |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
This function can be used to redirect to user supplied URLs. If user input is not sanitised or validated, this could lead to Open Redirect vulnerabilities. Use "wp_safe_redirect()" to prevent this kind of attack.