Vulnerabilities > Duckdev > 404 TO 301 > 1.0.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-07 | CVE-2021-4338 | Missing Authorization vulnerability in Duckdev 404 to 301 The 404 to 301 plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the open_redirect & save_redirect functions in versions up to, and including, 3.0.7. | 5.4 |
| 2019-08-16 | CVE-2015-9323 | SQL Injection vulnerability in Duckdev 404 to 301 The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection. | 9.8 |