Open Redirect

Introduction

This article covers cases of possible Open Redirect in WordPress plugins and themes. An open redirect lets an attacker use a link on the trusted site to send a user to a destination of the attacker's choosing.

Useful Functions

Several functions could be useful to identify a possible Open Redirect vulnerability:

Example Cases

Below is an example of vulnerable code:

<?php
// Vulnerable example: the redirect target is taken straight from the request.
add_action( 'template_redirect', 'redirect' );
function redirect() {
    // $_GET is already URL-decoded by PHP, so urldecode() here is redundant.
    $url = urldecode( $_GET['url'] ?? '' );
    // wp_redirect() performs no host check, so any absolute URL is accepted.
    wp_redirect( $url );
    die();
}

To exploit this, an attacker needs to send the link <WORDPRESS_BASE_URL>/?url=https://evil.net to the victim. When the victim clicks the link, they will be redirected to evil.net.
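The same handler in a hardened form, as an added example that is not part of the original article. It assumes it runs inside a WordPress plugin or theme, so the core functions wp_validate_redirect(), wp_safe_redirect(), wp_unslash(), home_url() and the allowed_redirect_hosts filter are available; the host partner.example is a constructed placeholder for a host the site owner deliberately trusts.

```php
<?php
// Added example (not from the original article): the redirect handler above,
// rewritten so that only explicitly allowed hosts can be redirect targets.
// Assumes WordPress core is loaded (plugin or theme context).

// wp_safe_redirect() and wp_validate_redirect() accept the site's own host plus
// whatever this filter returns. 'partner.example' is a constructed placeholder.
add_filter( 'allowed_redirect_hosts', function ( array $hosts ) {
    $hosts[] = 'partner.example';
    return $hosts;
} );

add_action( 'template_redirect', 'safe_redirect_handler' );
function safe_redirect_handler() {
    // wp_unslash() undoes the slashes WordPress adds to request data.
    $url = isset( $_GET['url'] ) ? wp_unslash( $_GET['url'] ) : '';
    if ( '' === $url ) {
        return; // no target supplied: let WordPress render the page normally
    }

    // wp_validate_redirect() returns the fallback when the location's host is
    // not allowed, so a request carrying ?url=https://evil.net is sent to the
    // site's home page instead of the attacker's host.
    $target = wp_validate_redirect( $url, home_url( '/' ) );

    // wp_safe_redirect() repeats the host check before emitting the Location
    // header; exit so nothing else is output after the redirect.
    wp_safe_redirect( $target );
    exit;
}
```

The important difference from the vulnerable handler is the sink: wp_redirect() will happily emit any URL it is given, whereas wp_safe_redirect() and wp_validate_redirect() compare the target's host against the site host and the allowed_redirect_hosts list. When reviewing code, treat any call to wp_redirect() or a raw header('Location: ...') whose argument is derived from $_GET, $_POST, $_REQUEST or $_SERVER['HTTP_REFERER'] as a candidate open redirect, and check whether a host validation step sits between the input and the redirect.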

Contributors

dhakalananda