WP HealthKit

Open Redirect

A vulnerability where a web application redirects users to an attacker-controlled URL without validation.

In WordPress

Use wp_safe_redirect() instead of wp_redirect() in WordPress to validate the target against allowed hosts.
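The difference between the two calls, shown in a small plugin handler. This is an added example, not WP HealthKit's or WordPress core's own code; the `demo_go` action, the `redirect_to` parameter and the `partner.example` host are hypothetical names chosen for illustration.

```php
<?php
/**
 * Plugin Name: Redirect Demo (added example, hypothetical)
 */

// Hypothetical endpoint: /wp-admin/admin-post.php?action=demo_go&redirect_to=...
add_action( 'admin_post_nopriv_demo_go', 'demo_go_handler' );
add_action( 'admin_post_demo_go', 'demo_go_handler' );

// Extend the host allowlist that wp_safe_redirect() checks. The site's own
// host is always accepted; partner.example is a constructed placeholder.
add_filter( 'allowed_redirect_hosts', function ( $hosts ) {
	$hosts[] = 'partner.example';
	return $hosts;
} );

function demo_go_handler() {
	// Missing parameter: go to the home page rather than sending an empty Location.
	$target = isset( $_GET['redirect_to'] )
		? esc_url_raw( wp_unslash( $_GET['redirect_to'] ) )
		: home_url( '/' );

	// Weak form: wp_redirect() performs no host check, so any host supplied
	// in the request ends up in the Location header.
	// wp_redirect( $target );
	// exit;

	// Corrected form: wp_validate_redirect() returns the fallback when the
	// host is not on the allowlist. Calling it first picks the fallback
	// explicitly; wp_safe_redirect() alone falls back to admin_url().
	$target = wp_validate_redirect( $target, home_url( '/' ) );

	wp_safe_redirect( $target );
	exit; // Neither function stops execution on its own.
}
```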
