Unrated severityNVD Advisory· Published Dec 14, 2021· Updated Feb 14, 2025
.htaccess Redirect <= 0.3.1 Reflected Cross-Site Scripting
CVE-2021-38361
Description
The .htaccess Redirect WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the link parameter found in the ~/htaccess-redirect.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.3.1.
Affected products
1- Range: 0.3.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- plugins.trac.wordpress.org/browser/htaccess-redirect/trunk/htaccess-redirect.phpmitrex_refsource_MISC
- www.wordfence.com/vulnerability-advisories/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.