Description
WordPress Plugin Simple 301 Redirects-Addon-Bulk Uploader is prone to multiple security bypass vulnerabilities. Exploiting these issues may allow attackers to perform otherwise restricted actions and subsequently redirect all pages and posts of the blog to a malicious website, or export and clear the plugin settings. WordPress Plugin Simple 301 Redirects-Addon-Bulk Uploader version 1.2.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.2.5 or latest
References
Related Vulnerabilities
WordPress Plugin Captchinoo, Google recaptcha for admin login page Cross-Site Request Forgery (2.4)
WordPress Plugin Timetable and Event Schedule by MotoPress Unspecified Vulnerability (2.4.3)
WordPress Plugin Custom Add User Cross-Site Scripting (2.0.2)
MySQL CVE-2012-0119 Vulnerability (CVE-2012-0119)
WordPress Plugin youForms for WordPress-Creating Forms for CopeCart Cross-Site Scripting (1.0.5)