CVE-2021-24352: Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect Export
First published: Mon Jun 14 2021(Updated: )
The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to export a site's redirects.
Credit: contact@wpscan.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wpdeveloper Simple 301 Redirects | >=2.0.0<2.0.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Simple 301 Redirects by BetterLinks WordPress plugin vulnerability?
The vulnerability ID for this Simple 301 Redirects by BetterLinks WordPress plugin vulnerability is CVE-2021-24352.
What is the severity level of CVE-2021-24352?
CVE-2021-24352 has a severity level of 8.8 (high).
What is the affected software for CVE-2021-24352?
The affected software for CVE-2021-24352 is Simple 301 Redirects by BetterLinks WordPress plugin version 2.0.0 to 2.0.4.
What is the impact of CVE-2021-24352?
CVE-2021-24352 allows unauthenticated users to export a site's redirects in Simple 301 Redirects by BetterLinks WordPress plugin.
Are there any patches or fixes available for CVE-2021-24352?
Yes, patches have been released to fix CVE-2021-24352. It is recommended to update to version 2.0.4 of the Simple 301 Redirects by BetterLinks WordPress plugin.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/author
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/event
- agent/first-publish-date
- agent/description
- vendor/wpdeveloper
- canonical/wpdeveloper simple 301 redirects
- version/wpdeveloper simple 301 redirects/2.0.0