186 matches found
CVE-2021-24352
The CVE-2021-24352 concerns the WordPress plugin Simple 301 Redirects by BetterLinks. Affected versions before 2.0.4 (notably 2.0.0–2.0.3) expose the export_data function which lacks capability/nonce checks, allowing unauthenticated users to export a site's redirects. This represents an unauthent...
CVE-2021-24353 Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect Import
The importdata function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects...
CVE-2021-24354 Simple 301 Redirects by BetterLinks - 2.0.0-2.0.3 - Arbitrary Plugin Installation
A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites...
CVE-2021-24355
The CVE concerns the WordPress plugin Simple 301 Redirects by BetterLinks, versions prior to 2.0.4. The root cause is missing authorization checks and insufficient nonce validation on AJAX endpoints, specifically simple301redirects/admin/get_wildcard and simple301redirects/admin/wildcard. This al...
WordPress 访问控制错误漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An access control error vulnerability exists in the Simple 301 Redirects by BetterLinks plugin for...
PT-2021-15891 · Betterlinks · Simple 301 Redirects By Betterlinks
Name of the Vulnerable Software and Affected Versions: Simple 301 Redirects by BetterLinks WordPress plugin versions prior to 2.0.4 Description: The issue is related to the lack of capability checks and insufficient nonce check on the AJAX actions, specifically "simple301redirects/admin/get...
PT-2021-15888 · WordPress · Simple 301 Redirects By Betterlinks
Name of the Vulnerable Software and Affected Versions: Simple 301 Redirects by BetterLinks WordPress plugin versions prior to 2.0.4 Description: The issue concerns the export data function of the Simple 301 Redirects by BetterLinks WordPress plugin, which had no capability or nonce checks. This...
WordPress Simple 301 Redirects by BetterLinks plugin <= 2.0.3 (2.0.0 – 2.0.3) - Authenticated Wildcard Activation and Retrieval vulnerability
Authenticated Wildcard Activation and Retrieval vulnerability discovered by WordFence in WordPress Simple 301 Redirects by BetterLinks plugin versions = 2.0.3 only versions 2.0.0 – 2.0.3. Solution Update the WordPress Simple 301 Redirects by BetterLinks plugin to the latest available version at...
WordPress Simple 301 Redirects by BetterLinks plugin <= 2.0.3 (2.0.0 – 2.0.3) - Unauthenticated Redirect Import/Export vulnerability Allowing Total Site Redirection
Unauthenticated Redirect Import/Export vulnerability Allowing Total Site Redirection discovered by WordFence in WordPress Simple 301 Redirects by BetterLinks plugin versions = 2.0.3 only versions from 2.0.0 to 2.0.3. Solution Update the WordPress Simple 301 Redirects by BetterLinks plugin to the...
WordPress Simple 301 Redirects by BetterLinks plugin <= 2.0.3 (2.0.0 – 2.0.3) - Authenticated Arbitrary Plugin Installation/Activation vulnerability
Authenticated Arbitrary Plugin Installation/Activation vulnerability discovered by WordFence in WordPress Simple 301 Redirects by BetterLinks plugin versions = 2.0.3 only versions from 2.0.0 to 2.0.3. Solution Update the WordPress Simple 301 Redirects by BetterLinks plugin to the latest available...
Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect Import
The importdata function of the plugin had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects. curl -i -s -k -X $'POST' \ -H $'Host: URLHERE' -H $'Content-Length: 379' -H $'Cache-Control: max-age=0' -H $'Upgrade-Insecure-Requests: 1' -H...
Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect Export
The exportdata function of the plugin had no capability or nonce checks making it possible for unauthenticated users to export a site's redirects. curl -X POST --url "URL/wp-admin/admin-post.php?page=301options&export=true"...
Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Arbitrary Plugin Installation
A lack of capability checks and insufficient nonce check on the AJAX action in the plugin, made it possible for authenticated users to install arbitrary plugins on vulnerable sites. PoC $wpuser, 'pwd' = $wppass, 'rememberme' = 'forever', 'wp-submit' = 'Log+In', ; $output = curlexec$ch;...
Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect Export
The exportdata function of the plugin had no capability or nonce checks making it possible for unauthenticated users to export a site's redirects. PoC curl -X POST --url "URL/wp-admin/admin-post.php?page=301options=true"...
Design/Logic Flaw
The SEO Redirection Plugin – 301 Redirect Manager WordPress plugin before 6.4 did not sanitise the Redirect From and Redirect To fields when creating a new redirect in the dashboard, allowing high privilege users even with the unfilteredhtml disabled to set XSS payloads...
CVE-2021-24327 SEO Redirection < 6.4 - Authenticated Stored Cross-Site Scripting (XSS)
The SEO Redirection Plugin – 301 Redirect Manager WordPress plugin before 6.4 did not sanitise the Redirect From and Redirect To fields when creating a new redirect in the dashboard, allowing high privilege users even with the unfilteredhtml disabled to set XSS payloads...
U.S. Dept Of Defense: Cache Posioning leading do Denial of Service on `www.█████████`
Hey! To be clear. This was not an test for Denial of service DOS. I accidentally come a cross this vulnerability when I was testing for Server side request forgery SSRF. I have read you policy well and I was not preforming any type of activity that harmed or slowed you system in anyway. You can...
CVE-2021-24187
The setting page of the SEO Redirection Plugin - 301 Redirect Manager WordPress plugin before 6.4 is vulnerable to reflected Cross-Site Scripting XSS as user input is not properly sanitised before being output in an attribute...
Cross site scripting
The setting page of the SEO Redirection Plugin - 301 Redirect Manager WordPress plugin before 6.4 is vulnerable to reflected Cross-Site Scripting XSS as user input is not properly sanitised before being output in an attribute...
CVE-2021-24187
The CVE-2021-24187 entry affects the WordPress SEO Redirection Plugin ("301 Redirect Manager") prior to v6.4. The vulnerability is a reflected Cross-Site Scripting (XSS) flaw caused by user input not being properly sanitised before output in an attribute. Impact is reflected XSS, with an attack s...