The Premmerce Redirect Manager plugin for WordPress has a security vulnerability in versions up to 1.0.12 (exclusive). This vulnerability could allow an attacker with administrator-level permissions to inject malicious code into pages which would be executed when any user views these pages. This only applies to multi-site installations or installations where the “unfiltered_html” feature has been disabled.