CVE-2021-24832

CVE-2021-24832: WP SEO Redirect 301 < 2.3.2 - Redirect Deletion via CSRF

Vendor Unknown

Product WP SEO Redirect 301

Weakness CWE-352 · CSRF

Published November 8, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The WP SEO Redirect 301 WordPress plugin before 2.3.2 does not have CSRF in place when deleting redirects, which could allow attackers to make a logged in admin delete them via a CSRF attack

Key dates

02Disclosure timeline

November 8, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-24832 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2024-4499 CSRF Vulnerability in parisneo/lollms XTTS Server CVE-2022-30705 WordPress WordPress Ping Optimizer Plugin <= 2.35.1.2.3 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2025-48303 WordPress Post Type Converter plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability CVE-2025-49435 WordPress Wp Easy Allopass plugin <= 4.1.1 - Cross Site Request Forgery (CSRF) Vulnerability CVE-2021-32730 No CSRF protection on the password change form