Vulnerabilities > CVE-2021-24847 - Unspecified vulnerability in Wp-Buy SEO Redirection-301 Redirect Manager

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
wp-buy

Summary

The importFromRedirection AJAX action of the SEO Redirection Plugin – 301 Redirect Manager WordPress plugin before 8.2, available to any authenticated user, does not properly sanitise the offset parameter before using it in a SQL statement, leading an SQL injection when the redirection plugin is also installed

Vulnerable Configurations

Part Description Count
Application
Wp-Buy
1