RSS   Podatności dla 'All 404 redirect to homepage'   RSS

2021-05-17
 
CVE-2021-24324

CWE-352
 

 
The 404 SEO Redirection WordPress plugin through 1.3 is lacking CSRF checks in all its settings, allowing attackers to make a logged in user change the plugin's settings. Due to the lack of sanitisation and escaping in some fields, it could also lead to Stored Cross-Site Scripting issues

 
 
CVE-2021-24326

CWE-79
 

 
The tab parameter of the settings page of the All 404 Redirect to Homepage WordPress plugin before 1.21 was vulnerable to an authenticated reflected Cross-Site Scripting (XSS) issue as user input was not properly sanitised before being output in an attribute.

 

 >>> Vendor: Clogica 3 Produkty
Seo redirection
All 404 redirect to homepage
Seo redirection plugin


Copyright 2021, cxsecurity.com

 

Back to Top