Description
WordPress Plugin Simple 301 Redirects-Addon-Bulk Uploader is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently redirect all pages and posts of the blog to a malicious website, or export and clear the plugin settings. WordPress Plugin Simple 301 Redirects-Addon-Bulk Uploader version 1.2.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.2.5 or latest
References
Related Vulnerabilities
WordPress Plugin Invite Anyone Security Bypass (1.3.14)
Internet Information Services Unchecked Return Value Vulnerability (CVE-2005-4360)
WordPress Plugin Woocommerce Category Banner Management Security Bypass (1.1.1)
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Multiple Vulnerabilities (3.7.0)