cve/2019/CVE-2019-15776.md

CVE-2019-15776

Description

The simple-301-redirects-addon-bulk-uploader plugin before 1.2.5 for WordPress has no protection against 301 redirect rule injection via a CSV file.

POC

Reference

• https://threatpost.com/wordpress-plugins-exploited-in-ongoing-attack-researchers-warn/147671/
• https://wpvulndb.com/vulnerabilities/9503

Github

No PoCs found on GitHub currently.