Source: National Vulnerability Database

The All In One WP Security & Firewall WordPress plugin before 4.4.11 does not validate, sanitise and escape the redirect_to parameter before using it to redirect user, either via a Location header, or meta url attribute, when the Rename Login Page

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25102

68 hits since 2022-05-02

PHP Vulns Source Ratio: 17% (6324 total, 536 propagated, 3162 filtered)