CVE-2016-2221 - OpenCVE

Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers incorrect hostname parsing, as demonstrated by an https:example.com URL.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wordpress	Wordpress

Configuration 1 [-]

cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.debian.org/security/2016/dsa-3472
http://www.securityfocus.com/bid/82463
http://www.securitytracker.com/id/1034933
https://codex.wordpress.org/Version_4.4.2
https://core.trac.wordpress.org/changeset/36444
https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/
https://wpvulndb.com/vulnerabilities/8377

History

No history.

MITRE

Status: PUBLISHED

Assigner: debian

Published: 2016-05-22T01:00:00

Updated: 2024-08-05T23:24:48.449Z

Reserved: 2016-02-04T00:00:00

Link: CVE-2016-2221

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-05-22T01:59:14.103

Modified: 2017-11-04T01:29:18.367

Link: CVE-2016-2221

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-02-04T00:00:00", "descriptions": [{"lang": "en", "value": "Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers incorrect hostname parsing, as demonstrated by an https:example.com URL."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-03T18:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://codex.wordpress.org/Version_4.4.2"}, {"name": "1034933", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034933"}, {"name": "82463", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/82463"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://core.trac.wordpress.org/changeset/36444"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/"}, {"name": "DSA-3472", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3472"}, {"tags": ["x_refsource_MISC"], "url": "https://wpvulndb.com/vulnerabilities/8377"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2016-2221", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers incorrect hostname parsing, as demonstrated by an https:example.com URL."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://codex.wordpress.org/Version_4.4.2", "refsource": "CONFIRM", "url": "https://codex.wordpress.org/Version_4.4.2"}, {"name": "1034933", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034933"}, {"name": "82463", "refsource": "BID", "url": "http://www.securityfocus.com/bid/82463"}, {"name": "https://core.trac.wordpress.org/changeset/36444", "refsource": "CONFIRM", "url": "https://core.trac.wordpress.org/changeset/36444"}, {"name": "https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/", "refsource": "CONFIRM", "url": "https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/"}, {"name": "DSA-3472", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3472"}, {"name": "https://wpvulndb.com/vulnerabilities/8377", "refsource": "MISC", "url": "https://wpvulndb.com/vulnerabilities/8377"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:24:48.449Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://codex.wordpress.org/Version_4.4.2"}, {"name": "1034933", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034933"}, {"name": "82463", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/82463"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://core.trac.wordpress.org/changeset/36444"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/"}, {"name": "DSA-3472", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3472"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wpvulndb.com/vulnerabilities/8377"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2016-2221", "datePublished": "2016-05-22T01:00:00", "dateReserved": "2016-02-04T00:00:00", "dateUpdated": "2024-08-05T23:24:48.449Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*", "matchCriteriaId": "E341F596-9936-4B27-9494-B4A75DBD27BD", "versionEndIncluding": "4.4.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Open redirect vulnerability in the wp_validate_redirect function in wp-includes/pluggable.php in WordPress before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL that triggers incorrect hostname parsing, as demonstrated by an https:example.com URL."}, {"lang": "es", "value": "Vulnerabilidad de redirecci\u00f3n abierta en la funci\u00f3n wp_validate_redirect en wp-includes/pluggable.php en WordPress en versiones anteriores a 4.4.2 permite a atacantes remotos redirigir a los usuarios a sitios web arbitrarios y llevar acabo ataques de phishing a trav\u00e9s de una URL mal formada que desencadena un an\u00e1lisis gramatical del nombre de host incorrecto, seg\u00fan lo demostrado mediante una URL https:example.com."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/601.html\">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>", "id": "CVE-2016-2221", "lastModified": "2017-11-04T01:29:18.367", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-05-22T01:59:14.103", "references": [{"source": "security@debian.org", "url": "http://www.debian.org/security/2016/dsa-3472"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/bid/82463"}, {"source": "security@debian.org", "url": "http://www.securitytracker.com/id/1034933"}, {"source": "security@debian.org", "tags": ["Patch"], "url": "https://codex.wordpress.org/Version_4.4.2"}, {"source": "security@debian.org", "tags": ["Patch"], "url": "https://core.trac.wordpress.org/changeset/36444"}, {"source": "security@debian.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://wordpress.org/news/2016/02/wordpress-4-4-2-security-and-maintenance-release/"}, {"source": "security@debian.org", "url": "https://wpvulndb.com/vulnerabilities/8377"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}