Skip to main content

Advanced 301 And 302 Redirect

1 CVEs product

Monthly

CVE-2026-49067 CRITICAL Act Now

SQL injection in the Advanced 301 and 302 Redirect WordPress plugin (versions <= 1.6.9) allows remote unauthenticated attackers to inject arbitrary SQL queries into the underlying WordPress database. The flaw was reported by Patchstack and carries a CVSS 3.1 score of 9.3 with a scope change, indicating attacker-controlled input crosses a trust boundary. No public exploit identified at time of analysis, and EPSS data was not provided in the input.

SQLi Advanced 301 And 302 Redirect
NVD
CVSS 3.1
9.3
EPSS
0.3%
EPSS 0% CVSS 9.3
CRITICAL Act Now

SQL injection in the Advanced 301 and 302 Redirect WordPress plugin (versions <= 1.6.9) allows remote unauthenticated attackers to inject arbitrary SQL queries into the underlying WordPress database. The flaw was reported by Patchstack and carries a CVSS 3.1 score of 9.3 with a scope change, indicating attacker-controlled input crosses a trust boundary. No public exploit identified at time of analysis, and EPSS data was not provided in the input.

SQLi Advanced 301 And 302 Redirect
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy