CVE-2024-11094

Name of the Vulnerable Software and Affected Versions The 404 Solution plugin for WordPress versions up to, and including, 2.35.17

Description The issue allows unauthenticated attackers to extract sensitive data, such as redirects including GET parameters, via the export feature. This could potentially reveal sensitive information.

Recommendations For versions up to, and including, 2.35.17, update to a version later than 2.35.17 to resolve the issue. As a temporary workaround, consider disabling the export feature until a patch is available. Restrict access to the export functionality to minimize the risk of exploitation. Avoid using the export feature in the affected plugin until the issue is resolved.