Qr Redirector Project

qr_redirector_project

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Qr Redirector

qr_redirector

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-24854 1Qr Redirector Project 1Qr Redirector Nov 21, 2024 Nov 17, 2021 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 The QR Redirector WordPress plugin before 1.6.1 does not sanitise and escape some of the QR Redirect fields, which could allow users with a role as low as Contributor perform Stored Cross-Site Scripting attacks.
CVE-2021-24853 1Qr Redirector Project 1Qr Redirector Nov 21, 2024 Nov 17, 2021 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 The QR Redirector WordPress plugin before 1.6 does not have capability and CSRF checks when saving bulk QR Redirector settings via the qr_save_bulk AJAX action, which could allow any authenticated user, such as subscribe...Show more The QR Redirector WordPress plugin before 1.6 does not have capability and CSRF checks when saving bulk QR Redirector settings via the qr_save_bulk AJAX action, which could allow any authenticated user, such as subscriber to change the redirect response status code of arbitrary QR RedirectsShow less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2021-24854

1Qr Redirector Project

1Qr Redirector

Nov 21, 2024

Nov 17, 2021

N/A· v4

5.4 MEDIUM· v3

3.5 LOW· v2

The QR Redirector WordPress plugin before 1.6.1 does not sanitise and escape some of the QR Redirect fields, which could allow users with a role as low as Contributor perform Stored Cross-Site Scripting attacks.

CVE-2021-24853

1Qr Redirector Project

1Qr Redirector

Nov 21, 2024

Nov 17, 2021

N/A· v4

4.3 MEDIUM· v3

4.3 MEDIUM· v2

The QR Redirector WordPress plugin before 1.6 does not have capability and CSRF checks when saving bulk QR Redirector settings via the qr_save_bulk AJAX action, which could allow any authenticated user, such as subscribe...Show more