← back
CVE-2019-15818

CVE-2019-15818

EPSS 1.5%
The simple-301-redirects-addon-bulk-uploader plugin through 1.2.4 for WordPress has no requirement for authentication for action=bulk301export or action=bulk301clearlist.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://blog.nintechnet.com/unauthenticated-option-changes-in-wordpress-simple-301-redirects-addon-bulk-uploader-plugin/https://wordpress.org/plugins/simple-301-redirects-addon-bulk-uploader/#developershttps://wpvulndb.com/vulnerabilities/9503