← Back

All In One Redirection

all_in_one_redirection

Vendor: Vsourz • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-37245
1Vsourz
1All In One Redirection
Nov 21, 2024
Jul 22, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vsourz Digital All In One Redirection allows Reflected XSS.This issue affects All In One Redirection: from n/a...Show more
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vsourz Digital All In One Redirection allows Reflected XSS.This issue affects All In One Redirection: from n/a through 2.2.0.Show less
CVE-2023-2493
1Vsourz
1All In One Redirection
Nov 21, 2024
Jul 10, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
The All In One Redirection WordPress plugin before 2.2.0 does not properly sanitise and escape multiple parameters before using them in an SQL statement, leading to a SQL injection exploitable by high privilege users suc...Show more
The All In One Redirection WordPress plugin before 2.2.0 does not properly sanitise and escape multiple parameters before using them in an SQL statement, leading to a SQL injection exploitable by high privilege users such as admin.Show less