The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin before 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow attacker to make a logged in admin delete all of them via a CSRF attack
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/cc13db1e-5f7f-49b2-81da-f913cfe70543 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2021-11-08T17:35:17
Updated: 2021-11-08T17:35:17
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-24766
JSON object: View
NVD Information
Status : Modified
Published: 2021-11-08T18:15:09.623
Modified: 2023-11-07T03:31:20.313
Link: CVE-2021-24766
JSON object: View
Redhat Information
No data.
CWE