A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin prior to 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wpdeveloper simple 301 redirects |