How severe is CVE-2021-4348?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2021-4348?

This is classified as CWE-601, which is a common weakness in software security.

CVE-2021-4348

MEDIUM Year: 2021

CVSS v3 Score

6.1

Medium

Weakness Type

CWE-601

View all →

Vulnerability Description

The Ultimate GDPR & CCPA plugin for WordPress is vulnerable to unauthenticated settings import and export via the export_settings & import_settings functions in versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to change plugin settings and conduct attacks such as redirecting visitors to malicious sites.

CVE-2005-10001

MEDIUM

CVSS:6.1(Medium)

A vulnerability was found in Netegrity SiteMinder up to 4.5.1 and classified as critical. Affected by this issue is the file /siteminderagent/pwcgi/smpwservicescgi.exe of the component Login. The mani...

CWE-6012005

CVE-2005-4206

MEDIUM

CVSS:6.1(Medium)

Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks ...

CWE-6012005

CVE-2008-2052

MEDIUM

CVSS:6.1(Medium)

Open redirect vulnerability in redirect.php in Bitrix Site Manager 6.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the goto parameter.

CWE-6012008

CVE-2008-2951

MEDIUM

CVSS:6.1(Medium)

Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possi...

CWE-6012008