WordPress Plugin Vulnerabilities
SEO Redirection < 7.9 - Arbitrary Redirect Deletion via CSRF
Description
The plugin does have CSRF in place, allowing attackers to make logged in admin delete arbitrary Custom and Post Redirects via a CSRF attack.
Proof of Concept
Affects Plugins
Fixed in 7.9 Classification
Type
CSRF
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
WPScanTeam
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2021-09-15 (about 4 years ago)
Added
2021-09-15 (about 4 years ago)
Last Updated
2021-09-15 (about 4 years ago)
WPScan 