2 matches found
CVE-2024-1566 Redirects <= 1.2.1 - Missing Authorization via save
The Redirects plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save function in all versions up to, and including, 1.2.1. This makes it possible for unauthenticated attackers to change redirects created with this plugin. This could...
CVE-2024-1566
The PatchSTACK entry confirms a concrete vulnerability in the WordPress Redirects plugin (versions up to and including 1.2.1). Root cause: missing capability check on the save function. Impact: unauthenticated attackers can modify redirects created with this plugin, enabling undesired redirection...