ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Redirection plugin <= 2.7.3 - Authenticated Local File Inclusion vulnerability

Product
Redirection
Description
Authenticated Local File Inclusion vulnerability found by Glyn Wintle in WordPress Redirection plugin (versions <= 2.7.3).
Solution
Update the WordPress Redirection plugin to the latest available version (at least 2.8).
Classification
Type Local File Inclusion
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.7.3
Fixed In 2.8
Disclosure date
2018-06-20
Credits
Glyn Wintle
Submitter
ThreatPress