CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24853

The QR Redirector WordPress plugin before 1.6 does not have capability and CSRF checks when saving bulk QR Redirector settings via the qr_save_bulk AJAX action, which could allow any authenticated user, such as subscriber to change the redirect response status code of arbitrary QR Redirects

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.6%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.3

References

Products affected by CVE-2021-24853

Qr Redirector Project » Qr Redirector » Version: N/A

cpe:2.3:a:qr_redirector_project:qr_redirector:-
Qr Redirector Project » Qr Redirector » Version: 1.0

cpe:2.3:a:qr_redirector_project:qr_redirector:1.0
Qr Redirector Project » Qr Redirector » Version: 1.1

cpe:2.3:a:qr_redirector_project:qr_redirector:1.1
Qr Redirector Project » Qr Redirector » Version: 1.2

cpe:2.3:a:qr_redirector_project:qr_redirector:1.2
Qr Redirector Project » Qr Redirector » Version: 1.3

cpe:2.3:a:qr_redirector_project:qr_redirector:1.3
Qr Redirector Project » Qr Redirector » Version: 1.4

cpe:2.3:a:qr_redirector_project:qr_redirector:1.4
Qr Redirector Project » Qr Redirector » Version: 1.5

cpe:2.3:a:qr_redirector_project:qr_redirector:1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-24853

Products

Pricing

Contact Us