QwikSec

Security Database

CVE

CWE

Training

CVE-2021-24853

Published: Nov 17, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

The QR Redirector WordPress plugin before 1.6 does not have capability and CSRF checks when saving bulk QR Redirector settings via the qr_save_bulk AJAX action, which could allow any authenticated user, such as subscriber to change the redirect response status code of arbitrary QR Redirects

Vendor	Product	Versions
Unknown	QR Redirector	affected `1.6 - < 1.6`

Weaknesses (CWE)

References

https://wpscan.com/vulnerability/240bed24-0315-4bbf-ba17-e4947e5ecacb

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.