DEBIAN-CVE-2020-4048
- Source
- https://security-tracker.debian.org/tracker/DEBIAN-CVE-2020-4048
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2020-4048.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2020-4048
- Upstream
- Published
- 2020-06-12T16:15:10Z
- Modified
- 2025-09-19T06:08:52Z
- Summary
- [none]
- Details
-
In affected versions of WordPress, due to an issue in wpvalidateredirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked. This has been patched in version 5.4.2, along with all the previously affected versions via a minor release (5.3.4, 5.2.7, 5.1.6, 5.0.10, 4.9.15, 4.8.14, 4.7.18, 4.6.19, 4.5.22, 4.4.23, 4.3.24, 4.2.28, 4.1.31, 4.0.31, 3.9.32, 3.8.34, 3.7.34).
- References
Affected packages
Debian:11 / wordpress
Package
- Name
- wordpress
- Purl
- pkg:deb/debian/wordpress?arch=source
Debian:12 / wordpress
Package
- Name
- wordpress
- Purl
- pkg:deb/debian/wordpress?arch=source
Debian:13 / wordpress
Package
- Name
- wordpress
- Purl
- pkg:deb/debian/wordpress?arch=source
Debian:14 / wordpress
Package
- Name
- wordpress
- Purl
- pkg:deb/debian/wordpress?arch=source