CVE-2021-24142

CVE-2021-24142: 301 Redirects - Easy Redirect Manager < 2.51 - Authenticated SQL Injection

Vendor Unknown

Product 301 Redirects - Easy Redirect Manager

Weakness CWE-89 · SQLi

Published March 18, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Unvaludated input in the 301 Redirects - Easy Redirect Manager WordPress plugin, versions before 2.51, did not sanitise its "Redirect From" column when importing a CSV file, allowing high privilege users to perform SQL injections.

Key dates

02Disclosure timeline

March 18, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-24142

Related vulnerabilities

04Related CVE

CVE-2017-20103 Kama Click Counter Plugin admin.php Blind sql injection CVE-2025-30806 WordPress Vimeotheque plugin <= 2.3.4.2 - SQL Injection vulnerability CVE-2022-2674 SourceCodester Best Fee Management System admin_class.php login sql injection CVE-2025-30971 WordPress XV Random Quotes plugin <= 2.0.0 - SQL Injection vulnerability CVE-2025-2358 Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System HTTP Header Service.asmx sql injection