Descrição
The 404 SEO Redirection WordPress plugin through 1.3 is lacking CSRF checks in all its settings, allowing attackers to make a logged in user change the plugin’s settings. Due to the lack of sanitisation and escaping in some fields, it could also lead to Stored Cross-Site Scripting issues
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2021-24324
Tags
Nâo informado
Data de publicação
17/05/2021
Última atualização
24/02/2022
Pontuação em CVSS 3.0
6.5
Médio