The Redirection WordPress plugin before 1.1.5 does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-04-17T12:17:45.594Z

Updated: 2024-08-02T05:40:59.887Z

Reserved: 2023-03-10T17:04:12.408Z

Link: CVE-2023-1331

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-04-17T13:15:38.240

Modified: 2024-11-21T07:38:58.457

Link: CVE-2023-1331

cve-icon Redhat

No data.