WP Clinic
Log in Sign up

PLUGIN SECURITY

Is 404 To 301 safe?

Known vulnerabilities, PHP compatibility and safer alternatives for the 404 To 301 WordPress plugin — checked against WP Clinic's local security database.

Plugin details

  • Slug: 404-to-301
  • Requires PHP: 7.4+
  • Max supported PHP (analyzed): 8.4

Known vulnerabilities

  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.0.9 [CVE-2021-24766, WordPress 404 to 301 plugin <= 3.0.8 - Cross-Site Request Forgery (CSRF) vulnerability leading to Logs Deletion, 404 to 301 &lt; 3.0.9 - Logs Deletion via CSRF, 404 to 301 <= 3.0.8 - Logs Deletion via Cross-Site Request Forgery]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 2.0.3 [CVE-2015-9323, 404 to 301 &lt;= 2.0.2 - Authenticated Blind SQL Injection, 404 to 301 – Redirect, Log and Notify 404 Errors <= 2.0.2 - SQL Injection]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.0.8 [WordPress 404 to 301 plugin <= 3.0.7 - Broken Access Control vulnerability]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.0.2 [WordPress 404 to 301 plugin <= 3.0.1 - Authenticated Option Update vulnerability (Fremius Library security issue)]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 2.2.9 [WordPress 404 to 301 Plugin <= 2.2.8 - Persistent Cross Site Scripting]
+ 14 more known vulnerabilities
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 2.3.3 [WordPress 404 to 301 Plugin <= 2.3.1 - Persistent Cross-Site Scripting (XSS) Vulnerability]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 2.3.1 [WordPress 404 to 301 Plugin <= 2.3.0 - Cross Site Scripting]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 2.0.3 [WordPress 404 to 301 Plugin <= 2.0.2 - Blind SQL Injection]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.1.2 [WordPress 404 to 301 plugin <= 3.1.1 - Reflected Cross-Site Scripting (XSS) vulnerability]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.1.2 [404 to 301 &lt; 3.1.2 - Reflected Cross-Site Scripting]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.0.2 [Freemius Library &lt; 2.2.4 - Subscriber+ Arbitrary Option Update]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.0.8 [404 to 301 &lt; 3.0.8 - Broken Access Control]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 2.3.1 [404 to 301 &lt;= 2.3.0 - Unauthenticated Stored Cross-Site Scripting (XSS)]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.1.2 [404 to 301 – Redirect, Log and Notify 404 Errors <= 3.1.1 - Reflected Cross-Site Scripting]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.0.8 [404 to 301 <= 3.0.7 - Missing Authorization to Redirect Creation]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.0.2 [Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 2.3.1 [404 to 301 <= 2.3.0 - Unauthenticated Stored Cross-Site Scripting]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.0.8 [CVE-2021-4338]
  • 404 to 301 – Redirect Manager, 404 Error Logs &amp; Notifications [404-to-301] < 3.0.6 [CVE-2023-33999, WordPress 404 to 301 Plugin <= 3.0.5 is vulnerable to Cross Site Scripting (XSS), Freemius SDK &lt; 2.5.10 - Reflected Cross-Site Scripting]

Vulnerabilities are matched against the exact installed version when it's known. Always keep the plugin updated to the latest release.

Safer / more established alternatives

Check your own WordPress site

Run a free passive scan now, or create a free account and install the WP Clinic plugin for a deep scan of your whole hosting account and AI-assisted repair.