CVE-2023-1331
Redirection < 1.1.5 - Plugin Reset via CSRF
The Redirection WordPress plugin before 1.1.5 does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Affected products
Unknown · RedirectionWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →