Inisev

Redirection

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-3977

Exploit
  • EPSS 0.45%
  • Veröffentlicht 28.07.2023 05:15:11
  • Zuletzt bearbeitet 03.04.2025 12:44:20

Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in va...

6.5

CVE-2023-0958

  • EPSS 0.22%
  • Veröffentlicht 28.07.2023 05:15:09
  • Zuletzt bearbeitet 03.04.2025 12:44:20

Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. This make...

6.5

CVE-2023-1331

Exploit
  • EPSS 0.12%
  • Veröffentlicht 17.04.2023 13:15:38
  • Zuletzt bearbeitet 06.02.2025 17:15:15

The Redirection WordPress plugin before 1.1.5 does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack.

6.5

CVE-2023-1330

Exploit
  • EPSS 0.13%
  • Veröffentlicht 03.04.2023 15:15:19
  • Zuletzt bearbeitet 14.02.2025 17:15:13

The Redirection WordPress plugin before 1.1.4 does not add nonce verification in place when adding the redirect, which could allow attackers to add redirects via a CSRF attack.