3 matches found
CVE-2021-24766
The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin before 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow attacker to make a logged in admin delete all of them via a CSRF attack...
CVE-2021-24766 404 to 301 < 3.0.9 - Logs Deletion via CSRF
The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin before 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow attacker to make a logged in admin delete all of them via a CSRF attack...
CVE-2021-24766
The CVE-2021-24766 entry concerns the WordPress plugin “404 to 301 – Redirect, Log and Notify 404 Errors” (versions prior to 3.0.9). The root cause reported across connected sources is lack of CSRF protection when cleaning logs, enabling a logged-in attacker to trigger a CSRF attack that could ca...