vulnerability

WordPress Plugin: simple-301-redirects-addon-bulk-uploader: CVE-2019-15776: Missing Authorization

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	Aug 10, 2019	May 15, 2025	May 5, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Aug 10, 2019

Added

May 15, 2025

Modified

May 5, 2026

Description

The simple-301-redirects-addon-bulk-uploader plugin before 1.2.5 for WordPress has no protection against 301 redirect rule injection via a CSV file.

simple-301-redirects-addon-bulk-uploader-plugin-cve-2019-15776

Rapid7 Labs

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.