CVE-2024-1566

Name of the Vulnerable Software and Affected Versions The Redirects plugin for WordPress versions up to, and including, 1.2.1

Description The issue is related to a missing capability check on the save function, allowing unauthorized modification of data. This could enable unauthenticated attackers to alter redirects, potentially leading to undesired redirection to phishing sites or malicious web pages.

Recommendations For versions up to, and including, 1.2.1, update to a version that includes a fix for the missing capability check on the save function. As a temporary workaround, consider restricting access to the save function until a patch is available.