Vulnerabilities > QR Redirector Project

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-17	CVE-2021-24853	Cross-Site Request Forgery (CSRF) vulnerability in QR Redirector Project QR Redirector The QR Redirector WordPress plugin before 1.6 does not have capability and CSRF checks when saving bulk QR Redirector settings via the qr_save_bulk AJAX action, which could allow any authenticated user, such as subscriber to change the redirect response status code of arbitrary QR Redirects network low complexity qr-redirector-project CWE-352	4.3
2021-11-17	CVE-2021-24854	Unspecified vulnerability in QR Redirector Project QR Redirector The QR Redirector WordPress plugin before 1.6.1 does not sanitise and escape some of the QR Redirect fields, which could allow users with a role as low as Contributor perform Stored Cross-Site Scripting attacks. network low complexity qr-redirector-project	5.4

Vulnerabilities > QR Redirector Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"QR Redirector Project"}]}