Reflected Cross-Site Scripting Vulnerability in SEO Blogger to WordPress Migration Plugin

CVE-2024-13422

What is CVE-2024-13422?

The SEO Blogger to WordPress Migration using 301 Redirection plugin is susceptible to a reflected Cross-Site Scripting (XSS) vulnerability. This issue arises from inadequate input sanitization and output escaping in the 'url' parameter across all versions up to and including 0.4.8. As a result, unauthenticated attackers may exploit this vulnerability to inject malicious scripts into web pages. If a user unwittingly clicks on a specially crafted link, these scripts could be executed in the context of their browser session, potentially compromising user data and session integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References