← Back to CVE List
CVE-2021-25028
The Event Tickets WordPress plugin before 5.2.2 does not validate the tribe_tickets_redirect_to parameter before redirecting the user to the given value, leading to an arbitrary redirect issue
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt