Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect Import
CVE-2021-24353
8.8HIGH
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 14 June 2021
What is CVE-2021-24353?
The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects.
Affected Version(s)
Simple 301 Redirects by BetterLinks 2.0.0 < 2.0.0*
Simple 301 Redirects by BetterLinks 2.0.4