CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24325 – 404 SEO Redirection <= 1.3 - Reflected Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-24325
16 Apr 2021 — The tab parameter of the settings page of the 404 SEO Redirection WordPress plugin through 1.3 is vulnerable to a reflected Cross-Site Scripting (XSS) issue as user input is not properly sanitised or escaped before being output in an attribute. El parámetro tab de la página de configuración del plugin de WordPress 404 SEO Redirection hasta versiones 1.3 es vulnerable a un problema de tipo Cross-Site Scripting (XSS) reflejado, ya que la entrada del usuario no es saneada apropiadamente o se escapa antes de se... • https://wpscan.com/vulnerability/96e9a7fd-9ab8-478e-9420-4bca2a0b23a1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-24327 – SEO Redirection < 6.4 - Authenticated Stored Cross-Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2021-24327
16 Apr 2021 — The SEO Redirection Plugin – 301 Redirect Manager WordPress plugin before 6.4 did not sanitise the Redirect From and Redirect To fields when creating a new redirect in the dashboard, allowing high privilege users (even with the unfiltered_html disabled) to set XSS payloads El plugin de WordPress SEO Redirection Plugin – 301 Redirect Manager versiones anteriores a 6.4, no sanea los campos Redirect From y Redirect To, cuando se crea una nueva redirección en el panel, permitiendo a usuarios con altos privile... • https://wpscan.com/vulnerability/ca8068f7-dcf0-44fd-841d-d02987220d79 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •