SEO Redirection < 7.1 – Authenticated Stored Cross-Site Scripting (XSS) | CVE 2021-24327 | Plugin Vulnerabilities

Description

The plugin does not sanitise the Redirect From and Redirect To fields when creating a new redirect in the dashboard, allowing high privilege users (even with the unfiltered_html disabled) to set XSS payloads in them

Proof of Concept

Create a new Custom redirect (/wp-admin/options-general.php?page=seo-redirection.php) and set a payload such as /"><script>alert(/XSS/)</script> in the Redirect From and Redirect To fields

Affects Plugins

seo-redirection

Fixed in 7.1

References

CVE

URL

https://m0ze.ru/vulnerability/[2021-05-01]-[WordPress]-[CWE-79]-SEO-Redirection-WordPress-Plugin-v6.4.txt

YouTube Video

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

m0ze

Verified

Yes

WPVDB ID

ca8068f7-dcf0-44fd-841d-d02987220d79

Timeline

Publicly Published

2021-04-16 (about 4 years ago)

Added

2021-04-27 (about 4 years ago)

Last Updated

2022-02-13 (about 3 years ago)

Other

Published

Title

Published

2023-11-07

Title

Actueel Financieel Nieuws – Denk Internet Solutions < 6.0.0 - Admin+ Stored XSS

Published

2025-10-06

Title

Cornerstone <= 7.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2025-01-16

Title

Recip.ly Plugin <= 1.1.8 - Reflected Cross-Site Scripting

Published

2025-04-16

Title

Author WIP Progress Bar <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2023-12-24

Title

PageLayer < 1.8.1 - Admin+ Stored XSS