The Redirects plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save function in all versions up to, and including, 1.2.1. This makes it possible for unauthenticated attackers to change redirects created with this plugin. This could lead to undesired redirection to phishing sites or malicious web pages.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2024-08-07T17:42:30.243Z

Reserved: 2024-02-15T19:57:08.631Z

Link: CVE-2024-1566

cve-icon Vulnrichment

Updated: 2024-08-01T18:40:21.484Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-02-28T09:15:43.370

Modified: 2024-11-21T08:50:51.007

Link: CVE-2024-1566

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-12T22:09:41Z