CVE-2021-24327

Summary

The SEO Redirection Plugin – 301 Redirect Manager WordPress plugin before 6.4 did not sanitise the Redirect From and Redirect To fields when creating a new redirect in the dashboard, allowing high privilege users (even with the unfiltered_html disabled) to set XSS payloads

Affected Software

VendorProductVersion RangeStatus
UnknownSEO Redirection Plugin – 301 Redirect Manager6.4 < 6.4affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References