Title: WordPress redirect phish
Last modified: August 18, 2016

---

# WordPress redirect phish

 *  [lobas](https://wordpress.org/support/users/lobas/)
 * (@lobas)
 * [19 years, 5 months ago](https://wordpress.org/support/topic/wordpress-redirect-phish/)
 * A friend has warned me of a wordpress bug, which is actually a redirect. These
   kind of bugs are commonly used for phishing paypal and ebay accounts.
    [http://www.oklol.co.uk/2006/12/27/wordpress-redirect-bug/](http://www.oklol.co.uk/2006/12/27/wordpress-redirect-bug/)

Viewing 1 replies (of 1 total)

 *  Moderator [Samuel Wood (Otto)](https://wordpress.org/support/users/otto42/)
 * (@otto42)
 * WordPress.org Admin
 * [19 years, 5 months ago](https://wordpress.org/support/topic/wordpress-redirect-phish/#post-495436)
 * Hmm.. This could be fixed by having the wp_redirect() function check that the
   URL being redirected to is on the same site as the blog itself. That way, it 
   could not redirect outside of the blog (which it shouldn’t really be doing anyway,
   I think).

Viewing 1 replies (of 1 total)

The topic ‘WordPress redirect phish’ is closed to new replies.

## Tags

 * [exploit](https://wordpress.org/support/topic-tag/exploit/)
 * [redirect](https://wordpress.org/support/topic-tag/redirect/)

 * In: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/)
 * 1 reply
 * 2 participants
 * Last reply from: [Samuel Wood (Otto)](https://wordpress.org/support/users/otto42/)
 * Last activity: [19 years, 5 months ago](https://wordpress.org/support/topic/wordpress-redirect-phish/#post-495436)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics