PT-2023-12441 · WordPress · 404 To 301

Jerome Bruandet · Published 2023-06-07 · Updated 2023-06-13 · CVE-2021-4338

CVSS v3.1: 6.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions
404 to 301 plugin for WordPress versions up to, and including, 3.0.7

Description
The plugin is vulnerable to authorization bypass because its open redirect and save redirect functions lack capability checks. This allows authenticated attackers to view, create, and edit redirections.

Recommendations
Update the plugin to a version higher than 3.0.7 to resolve the issue. As a temporary workaround, consider restricting access to the open redirect and save redirect functions to prevent exploitation.

Exploit

Fix

Improper Access Control

Missing Authorization

Weakness Enumeration

Related Identifiers: CVE-2021-4338

Affected Products: 404 To 301