CVE-2019-15818

CVE-2019-15818

EPSS 1.5%

The simple-301-redirects-addon-bulk-uploader plugin through 1.2.4 for WordPress has no requirement for authentication for action=bulk301export or action=bulk301clearlist.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://blog.nintechnet.com/unauthenticated-option-changes-in-wordpress-simple-301-redirects-addon-bulk-uploader-plugin/https://wordpress.org/plugins/simple-301-redirects-addon-bulk-uploader/#developers https://wpvulndb.com/vulnerabilities/9503