Vulnerabilities found in 301 Redirects – Easy Redirect Manager, a WordPress plugin installed on over 70,000 websites. This allowed any authenticated user, even subscribers, to modify, delete, and inject redirect rules that could potentially result in a loss of site availability.
Plugin author have released a patch. We highly recommend to update immediately. This is considered a critical security issue, and websites running 301 Redirects – Easy Redirect Manager 2.40 or below should be updated to version 2.45 immediately.
Contact WordPromise (support@wordpromise.com) if you need assistance.
