CVE-2021-24356

HIGH

Simple 301 Redirects by BetterLinks 2.0.0-2.0.4 - Authenticated Arbitrary Plugin Activation via AJAX Action

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-24356. PoCs published by RandomRobbieBF.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2021-24356, which allows authenticated WordPress users to arbitrarily install and activate plugins due to insufficient capability checks and nonce validation in the Simple 301 Redirects plugin.

Description

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activate_plugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites.

Exploits (1)

nomisec WORKING POC
by RandomRobbieBF · poc
https://github.com/RandomRobbieBF/CVE-2021-24356

This repository contains a functional Python exploit for CVE-2021-24356, which allows authenticated WordPress users to arbitrarily install and activate plugins due to insufficient capability checks and nonce validation in the Simple 301 Redirects plugin.

Classification
Working Poc 95%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Simple 301 Redirects by BetterLinks (versions 2.0.0 - 2.0.3)
Auth required
Prerequisites: Valid WordPress credentials · Target site running vulnerable plugin version
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 8.8
EPSS 0.0300
EPSS Percentile 85.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-862
Status published
Products (1)
wpdeveloper/simple_301_redirects 2.0.0 - 2.0.4
Published Jun 14, 2021
Tracked Since Feb 18, 2026