Log out
Get PRO

Latest

Access violation vulnerability in Redirection 1.1.9

  • Severity: medium-risk
  • Status: Open
  • Publication: April 10, 2024

Some plugins and themes created by Inisev for WordPress are at risk of being accessed without permission. This is because certain functions in different versions do not have proper checks to prevent unauthorized users from performing actions. This means that attackers who are logged in with a subscriber-level account or higher may be able to do things they are not supposed to do.

Detected in:

Backup Migration fixed vulnerable versions: >= * <= 1.4.1
Clone fixed vulnerable versions: >= * <= 2.4.3
Enhanced Text Widget fixed vulnerable versions: >= * <= 1.6.4
Redirection fixed vulnerable versions:
RSS Redirect & Feedburner Alternative fixed vulnerable versions: >= * <= 3.9
SSL Mixed Content Fix fixed vulnerable versions: >= * <= 3.2.6
Ultimate Posts Widget fixed vulnerable versions: >= * <= 2.2.9
Yoast Duplicate Post fixed vulnerable versions:
Pop-Up Chop Chop open vulnerable versions:
Social Share Icons & Social Share Buttons open vulnerable versions: >= * <= 3.6.1

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.