Vulnerabilities > CVE-2021-24766 - Unspecified vulnerability in 404 to 301 Project 404 to 301

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

404-to-301-project

NVD

Published: 2021-11-08

Updated: 2024-11-21

Summary

The 404 to 301 – Redirect, Log and Notify 404 Errors WordPress plugin before 3.0.9 does not have CSRF check in place when cleaning the logs, which could allow attacker to make a logged in admin delete all of them via a CSRF attack

Vulnerable Configurations

Part	Description	Count
Application	404_To_301_Project 404 TO 301 Project 404 TO 301 *	1

References

https://wpscan.com/vulnerability/cc13db1e-5f7f-49b2-81da-f913cfe70543
https://wpscan.com/vulnerability/cc13db1e-5f7f-49b2-81da-f913cfe70543