VulnTitan VulnTitan Security command center
Plugin Vulnerability Hub
Plugin 7 known issues Latest disclosed Nov 13, 2023

Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More Vulnerabilities

Review known vulnerability records for the WordPress plugin Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More (`simple-301-redirects`), including severity, CVE references, affected versions, and patch status.

Recent tracked CVEs on this page include CVE-2023-47761 and CVE-2021-24356, so operators can jump from disclosure to patch validation without scanning the full feed first.

View on WordPress.org Back to Feed
Known Records
7
High or Critical
4
Patch Coverage
100%
Last Updated
Jan 22, 2024
Priority CVE Quick Links

Fast paths into Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More CVE reports

Start with the highest-signal CVE records for this WordPress plugin before scanning the full vulnerability feed.

Indexed CVEs
6
CVE-2021-24356 High 2.0.4
CVE-2021-24356 Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More Vulnerability

Simple 301 Redirects 2.0.0 - 2.0.3 - Authenticated Arbitrary Plugin Activation

CVE-2021-24354 High 2.0.4
CVE-2021-24354 Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More Vulnerability

Simple 301 Redirects 2.0.0 - 2.0.3 - Authenticated Arbitrary Plugin Installation

CVE-2021-24353 High 2.0.4
CVE-2021-24353 Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More Vulnerability

Simple 301 Redirects 2.0.0 - 2.0.3 - Unauthenticated Redirect Import

CVE-2021-24352 High 2.0.4
CVE-2021-24352 Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More Vulnerability

Simple 301 Redirects 2.0.0 - 2.0.3 - Unauthenticated Redirect Export

CVE-2023-47761 Medium 2.0.8
CVE-2023-47761 Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More Vulnerability

Simple 301 Redirects by BetterLinks <= 2.0.7 - Missing Authorization via clicked

CVE-2021-24355 Medium 2.0.4
CVE-2021-24355 Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More Vulnerability

Simple 301 Redirects 2.0.0 - 2.0.3 - Authenticated Wildcard Activation and Retrieval

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More so operators can confirm whether a disclosed issue maps to the installed slug, version range, and patch path.

Patch Visibility
7 records include a published patch path, leaving 0 with no listed safe release yet.
Severity Mix
0 critical and 4 high severity findings.
Recent CVEs
CVE-2023-47761 and CVE-2021-24356
Reference Workflow
Jump from the hub into the full report when you need remediation notes, exploit context, CVSS vectors, or source references.
Triage First

Open the records most likely to drive action

These recent records surface the CVE strings, patch cues, and direct report links most operators need first.

Known Vulnerabilities

Reports for Simple 301 Redirects By BetterLinks – Easy WordPress Redirect Manager for Redirects, 404 Error Log & More

Sorted by latest disclosure date so newly published issues surface first.

Plugin Medium Patched: Yes CVE-2023-47761
CVE-2023-47761: Simple 301 Redirects by BetterLinks <= 2.0.7 - Missing Authorization via clicked

The Simple 301 Redirects by BetterLinks plugin for WordPress is vulnerable to unauthorized enabling of plugin usage tracking due to a missing capability check on the clicked function in all versions up to, and including, 2.0.7. This makes it possible for subscribers to enable plu...

Published
Nov 13, 2023
Patched Release
2.0.8
Affected Versions
Versions up to 2.0.7
Next Step
Update to 2.0.8 or newer if supported.
Open CVE-2023-47761 Report Open CVE Reference
Plugin Medium Patched: Yes
Simple 301 Redirects <= 2.0.7 - Cross-Site Request Forgery via 'clicked'

The Simple 301 Redirects plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.7. This is due to missing or incorrect nonce validation on the 'clicked' function. This makes it possible for unauthenticated attackers to enable or dis...

Published
Aug 30, 2023
Patched Release
2.0.8
Affected Versions
Versions before 2.0.8
Next Step
Update to 2.0.8 or newer if supported.
Open Full Report
Plugin High Patched: Yes CVE-2021-24356
CVE-2021-24356: Simple 301 Redirects 2.0.0 - 2.0.3 - Authenticated Arbitrary Plugin Activation

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activate_plugin, made it possible for authenticated users to activate arbitrary plugins installed on vul...

Published
May 26, 2021
Patched Release
2.0.4
Affected Versions
2.0.0 through 2.0.3
Next Step
Update to 2.0.4 or newer if supported.
Open CVE-2021-24356 Report Open CVE Reference
Plugin Medium Patched: Yes CVE-2021-24355
CVE-2021-24355: Simple 301 Redirects 2.0.0 - 2.0.3 - Authenticated Wildcard Activation and Retrieval

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, the lack of capability checks and insufficient nonce check on the AJAX actions, simple301redirects/admin/get_wildcard and simple301redirects/admin/wildcard, made it possible for authenticated users to retri...

Published
May 26, 2021
Patched Release
2.0.4
Affected Versions
2.0.0 through 2.0.3
Next Step
Update to 2.0.4 or newer if supported.
Open CVE-2021-24355 Report Open CVE Reference
Plugin High Patched: Yes CVE-2021-24354
CVE-2021-24354: Simple 301 Redirects 2.0.0 - 2.0.3 - Authenticated Arbitrary Plugin Installation

A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites.

Published
May 26, 2021
Patched Release
2.0.4
Affected Versions
2.0.0 through 2.0.3
Next Step
Update to 2.0.4 or newer if supported.
Open CVE-2021-24354 Report Open CVE Reference
Plugin High Patched: Yes CVE-2021-24353
CVE-2021-24353: Simple 301 Redirects 2.0.0 - 2.0.3 - Unauthenticated Redirect Import

The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects.

Published
May 26, 2021
Patched Release
2.0.4
Affected Versions
2.0.0 through 2.0.3
Next Step
Update to 2.0.4 or newer if supported.
Open CVE-2021-24353 Report Open CVE Reference
Plugin High Patched: Yes CVE-2021-24352
CVE-2021-24352: Simple 301 Redirects 2.0.0 - 2.0.3 - Unauthenticated Redirect Export

The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to export a site's redirects.

Published
May 26, 2021
Patched Release
2.0.4
Affected Versions
2.0.0 through 2.0.3
Next Step
Update to 2.0.4 or newer if supported.
Open CVE-2021-24352 Report Open CVE Reference