VYPR

Redirection

by Inisev

CVEs (7)

  • CVE-2023-3977MedJul 28, 2023
    risk 0.21cvss 4.3epss 0.01

    Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it…

  • CVE-2023-0958MedJul 28, 2023
    risk 0.21cvss 4.3epss 0.01

    Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This makes it possible for…

  • CVE-2023-1331Apr 17, 2023
    risk 0.00cvss epss 0.00

    The Redirection WordPress plugin before 1.1.5 does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack.

  • CVE-2023-1330Apr 3, 2023
    risk 0.00cvss epss 0.00

    The Redirection WordPress plugin before 1.1.4 does not add nonce verification in place when adding the redirect, which could allow attackers to add redirects via a CSRF attack.

  • CVE-2022-38704Sep 23, 2022
    risk 0.00cvss epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history.

  • CVE-2011-5329Aug 28, 2019
    risk 0.00cvss epss 0.01

    The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than CVE-2011-4562.

  • CVE-2012-6717Aug 28, 2019
    risk 0.00cvss epss 0.01

    The redirection plugin before 2.2.12 for WordPress has XSS, a different issue than CVE-2011-4562.