Skip to main content

404 To 301

2 CVEs product

Monthly

CVE-2021-4338 MEDIUM POC PATCH This Month

The 404 to 301 plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the open_redirect & save_redirect functions in versions up to, and including, 3.0.7. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress Authentication Bypass 404 To 301
NVD WPScan
CVSS 3.1
6.4
EPSS
0.1%
CVE-2021-24766 MEDIUM POC This Month

The 404 to 301 - Redirect, Log and Notify 404 Errors WordPress plugin before 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow attacker to make a logged in admin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress 404 To 301
NVD WPScan
CVSS 3.1
6.5
EPSS
0.5%
EPSS 0% CVSS 6.4
MEDIUM POC PATCH This Month

The 404 to 301 plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the open_redirect & save_redirect functions in versions up to, and including, 3.0.7. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress Authentication Bypass 404 To 301
NVD WPScan
EPSS 1% CVSS 6.5
MEDIUM POC This Month

The 404 to 301 - Redirect, Log and Notify 404 Errors WordPress plugin before 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow attacker to make a logged in admin. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress 404 To 301
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy