PT-2019-14385 · WordPress · Simple-301-Redirects-Addon-Bulk-Uploader

Published

2019-08-29

Updated

2019-09-04

CVE-2019-15776

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions simple-301-redirects-addon-bulk-uploader plugin versions prior to 1.2.5

Description The issue concerns the lack of protection against 301 redirect rule injection via a CSV file in the simple-301-redirects-addon-bulk-uploader plugin for WordPress.

Recommendations For versions prior to 1.2.5, update to version 1.2.5 or later to resolve the issue.

Exploit

Fix

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601

Related Identifiers

CVE-2019-15776

Affected Products

Simple-301-Redirects-Addon-Bulk-Uploader

PT-2019-14385 · WordPress · Simple-301-Redirects-Addon-Bulk-Uploader

CVE-2019-15776

Weakness Enumeration

Related Identifiers

Affected Products

References · 5