ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities

Product
Quick Page/Post Redirect
Description
WordPress Quick Page/Post Redirect plugin is prone to multiple vulnerabilities, such as CSRF and XSS. Because of this vulnerabilities, an admin user can be persuaded to visit a URL of the attacker’s choosing, the attacker can insert arbitrary JavaScript into an admin page. In that way the admin's browser can create or delete posts, create new admin users or exploit vulnerabilities.
Solution
Upgrade to version 5.0.5.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE- 2014-2598
Versions
Affected In <= 5.0.3
Fixed In 5.0.4
Disclosure date
2014-04-14
Credits
Tom Adams