WordPress Toolbar <= 2.2.6 - Open Redirect (CVE-2023-6389)

The plugin redirects to any URL via the "wptbto" parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.

该插件通过“wptbto”参数重定向至任意URL。这使得未经身份验证的攻击者能够诱骗用户执行特定操作，从而将他们重定向至可能存在恶意内容的网站。