15 matches found
404 to 301 <= 2.0.2 - Authenticated Blind SQL Injection
The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin was affected by an Authenticated Blind SQL Injection security vulnerability. id: CVE-2015-9323 info: name: 404 to 301 = 2.0.2 - Authenticated Blind SQL Injection author: Harsh severity: critical description: | The 404 to 301 –...
WordPress 404 to 301 Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS)
Software 404 to 301 Type Plugin Vulnerable versions = 3.0.5 Fixed in 3.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 6886ba1d92bc Credits Rafie Muhammad Patchstack Required...
CVE-2021-4338
The 404 to 301 plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the openredirect & saveredirect functions in versions up to, and including, 3.0.7. This makes it possible for authenticated attackers to view, create and edit redirections...
CVE-2021-4338
The CVE-2021-4338 entry concerns the WordPress 404 to 301 plugin. It describes an authorization bypass caused by missing capability checks on the open_redirect and save_redirect functions in versions up to and including 3.0.7. The vulnerability allows authenticated attackers to view, create, and ...
WordPress 404 to 301 plugin <= 3.1.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by WPScanTeam in WordPress 404 to 301 plugin versions = 3.1.1. Solution Update the WordPress 404 to 301 plugin to the latest available version at least 3.1.2...
Wordpress 404 to 301 2.0.2 Plugin - SQL Injection (Authenticated) Exploit
Exploit Title: Wordpress Plugin 404 to 301 2.0.2 - SQL-Injection Authenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://de.wordpress.org/plugins/404-to-301/ Software Link: https://downloads.wordpress.org/plugin/404-to-301.2.0.2.zip Version: = 2.0.2 Tested on: Ubuntu 20.04 CV...
WordPress 404-to-301 Plugin SQL Injection Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. 404-to-301 is a plugin used to redirect 404 pages to other pages. The WordPress 404-to-301 plugin suffers from a SQL injection...
Sql injection
The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection...
CVE-2015-9323
The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection...
CVE-2015-9323
The CVE-2015-9323 entry corresponds to a vulnerability in the WordPress plugin 404-to-301 (Redirect, Log and Notify 404 Errors). Affected versions are before 2.0.3, with an Authenticated Blind SQL Injection vulnerability in the plugin’s code path. Exploitation is described as authenticated (requi...
WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting
WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting Source: https://sumofpwn.nl/advisory/2016/storedcrosssitescriptingvulnerabilityin404to301wordpressplugin.html Stored Cross-Site Scripting vulnerability in 404 to 301 WordPress Plugin Abstract A stored Cross-Site Scripting...
WordPress 404 to 301 Plugin 2.2.8 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Source: https://sumofpwn.nl/advisory/2016/storedcrosssitescriptingvulnerabilityin404to301wordpressplugin.html Stored Cross-Site Scripting vulnerability in 404 to 301 WordPress Plugin Abstract A stored Cross-Site Scripting vulnerability was fou...
WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting
Source: https://sumofpwn.nl/advisory/2016/storedcrosssitescriptingvulnerabilityin404to301wordpressplugin.html Stored Cross-Site Scripting vulnerability in 404 to 301 WordPress Plugin Abstract A stored Cross-Site Scripting vulnerability was found in the 404 to 301 WordPress Plugin. This issue can ...
404 to 301 <= 2.3.0 - Unauthenticated Stored Cross-Site Scripting (XSS)
Description There is a stored XSS in the 404-to-301 WP plugin HTTP/1.1 Host: wordpress Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64 AppleWebKit/537.36 KHTML, like Gecko Chrome/51.0.2704.103 Safari/537.36 Accept:...
WordPress 404 to 301 Plugin <= 2.3.0 - Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update this plugin...