Simple 301 Redirects Addon Bulk Uploader <= 1.2.4 - Multiple Issues



Description
"Unauthenticated option changes vulnerability that could allow an attacker to redirect all pages and posts of the blog to a malicious website, as well as an authenticated options export/deletion vulnerability."

Affects Plugin

References

CVE 2019-15776
CVE 2019-15818
URL https://blog.nintechnet.com/unauthenticated-option-changes-in-wordpress-simple-301-redirects-addon-bulk-uploader-plugin/

Classification

Type MULTI

Miscellaneous

Original Researcher Jerome Bruandet (nintechnet.com)
Views 4590
Verified No
WPVDB ID 9503

Timeline

Publicly Published 2019-08-10 (2 months ago)
Added 2019-08-10 (2 months ago)
Last Updated 2019-08-30 (about 1 month ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin