VYPR

Wp Redirection

by WordPress

Source repositories

CVEs (3)

  • CVE-2023-1331MedApr 17, 2023
    risk 0.42cvss 6.5epss 0.00

    The Redirection WordPress plugin before 1.1.5 does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack.

  • CVE-2023-1330MedApr 3, 2023
    risk 0.42cvss 6.5epss 0.00

    The Redirection WordPress plugin before 1.1.4 does not add nonce verification in place when adding the redirect, which could allow attackers to add redirects via a CSRF attack.

  • CVE-2026-7562MedMay 12, 2026
    risk 0.28cvss 4.3epss 0.00

    The WP-Redirection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.0.3. This is due to the absence of a nonce field in the admin settings form and the lack of any nonce verification (via check_admin_referer() or…