Unrated severityNVD Advisory· Published Apr 28, 2009· Updated Jun 16, 2026
CVE-2008-6762
CVE-2008-6762
Description
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter.
Affected products
2cpe:2.3:a:wordpress:wordpress:2.6:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:wordpress:wordpress:2.6:*:*:*:*:*:*:*
- (no CPE)range: 2.6.x
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.