← Back

404 To 301

404_to_301

Vendor: Duckdev • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-4338
1Duckdev
1404 To 301
Apr 8, 2026
Jun 7, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The 404 to 301 plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the open_redirect & save_redirect functions in versions up to, and including, 3.0.7. This makes it possible fo...Show more
The 404 to 301 plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on the open_redirect & save_redirect functions in versions up to, and including, 3.0.7. This makes it possible for authenticated attackers to view, create and edit redirections.Show less
CVE-2015-9323
1Duckdev
1404 To 301
Nov 21, 2024
Aug 16, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.