[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFbUVZb30uBjhj_rOtjXp1V1FbcE8ioTmq9G26-vGNRY":3,"$fdrMOaMVghQYOz6x5yz0kxBDyX9aewZR-EwYoNThxy-s":381,"$fbJnSklUkOmYcGvOqwnI7_vNn3BV6YPPH0tYb-BiaqY0":385},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":26,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":105,"crawl_stats":37,"alternatives":113,"analysis":114,"fingerprints":347},"premmerce-redirect-manager","Premmerce Redirect Manager","1.0.13","Premmerce","https:\u002F\u002Fprofiles.wordpress.org\u002Fpremmerce\u002F","\u003Cp>The Premmerce Redirect Manager enables you to create 301 and 302 redirects and to set up the automatic redirects for the deleted products in the WooCommerce store.\u003Cbr \u002F>\nThis is the main Premmerce plugin for the redirect management and it focuses on the  improvement of  your store’s SEO, usability and navigation.\u003Cbr \u002F>\nAt the moment we are working on the tools needed for migration from other platforms to WooCommerce and the Redirect Manager would ensure the seamless flow of this process. We make sure your store doesn’t lose its position in the search engine.\u003Cbr \u002F>\nFull documentation is available here: \u003Ca href=\"https:\u002F\u002Fpremmerce.com\u002Fwoocommerce-redirect-manager\u002F\" rel=\"nofollow ugc\">Premmerce Redirect Manager\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Major features in “Premmerce Redirect Manager”\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>adding 301 redirects\u003C\u002Fli>\n\u003Cli>adding 302 redirects\u003C\u002Fli>\n\u003Cli>setting up automatic redirects for products\u003C\u002Fli>\n\u003Cli>a convenient interface for  adding and editing redirects\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Demo\u003C\u002Fh4>\n\u003Cp>You can create your personal demo store and test  this plugin together with \u003Ca href=\"https:\u002F\u002Fpremmerce.com\u002Ffeatures\u002F\" rel=\"nofollow ugc\">Premmerce Premium\u003C\u002Fa> and all other Premmerce plugins and themes  developed by our team here:  \u003Ca href=\"https:\u002F\u002Fpremmerce.com\u002Fpremmerce-woocommerce-demo\u002F\" rel=\"nofollow ugc\">Premmerce WooCommerce Demo\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Compatibility with other Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WooCommerce\u003C\u002Fli>\n\u003Cli>WooCommerce Multilingual\u003C\u002Fli>\n\u003Cli>WPML\u003C\u002Fli>\n\u003C\u002Ful>\n","The Premmerce Redirect Manager enables you to create 301 and 302 redirects and to set up the automatic redirects for the deleted products in the WooCo &hellip;",600,15944,100,2,"2026-02-18T22:15:00.000Z","6.9.4","4.8","5.6",[20,21,22],"301-redirects-manager","woocommerce-redirect-manager","wordpress-redirect-manager","https:\u002F\u002Fpremmerce.com\u002Fwoocommerce-redirect-manager\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.13.zip",95,4,0,"2026-03-20 00:00:00","2026-04-16T10:56:18.058Z","no_bundle",[32,66,82,96],{"id":33,"url_slug":34,"title":35,"description":36,"plugin_slug":4,"theme_slug":37,"affected_versions":38,"patched_in_version":6,"severity":39,"cvss_score":40,"cvss_vector":41,"vuln_type":42,"published_date":28,"updated_date":43,"references":44,"days_to_patch":46,"patch_diff_files":47,"patch_trac_url":37,"research_status":55,"research_verified":56,"research_rounds_completed":57,"research_plan":58,"research_summary":59,"research_vulnerable_code":60,"research_fix_diff":61,"research_exploit_outline":62,"research_model_used":63,"research_started_at":64,"research_completed_at":65,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":56,"poc_model_used":37,"poc_verification_depth":37},"CVE-2026-32541","premmerce-redirect-manager-missing-authorization","Premmerce Redirect Manager \u003C= 1.0.12 - Missing Authorization","The Premmerce Redirect Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform an unauthorized action.",null,"\u003C=1.0.12","medium",4.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Missing Authorization","2026-03-27 19:24:58",[45],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F56a68cad-2abf-4b22-ae05-243e8901a9d8?source=api-prod",8,[48,49,50,51,52,53,54],"assets\u002Fadmin\u002Fjs\u002Fpremmerce-redirect.js","premmerce-redirect.php","readme.txt","src\u002FAdmin\u002FAdmin.php","src\u002FAdmin\u002FRedirectsTable.php","src\u002FRedirectModel.php","src\u002FRedirectPlugin.php","researched",false,3,"# Vulnerability Research Plan: CVE-2026-32541 Premmerce Redirect Manager \u003C= 1.0.12\n\n## 1. Vulnerability Summary\nThe **Premmerce Redirect Manager** plugin (up to version 1.0.12) contains a missing authorization vulnerability. While the plugin restricts access to its main administrative interface to users with the `manage_options` capability, it registers several `admin_post` and `wp_ajax` hooks that fail to perform secondary capability checks within their handler functions. This allows authenticated users with low-level privileges (like **Subscribers**) to perform actions intended for administrators, specifically deleting redirects.\n\n## 2. Attack Vector Analysis\n- **Endpoint:** `\u002Fwp-admin\u002Fadmin-post.php` (for deletions) or `\u002Fwp-admin\u002Fadmin-ajax.php` (for information leakage).\n- **Primary Action:** `premmerce_delete_redirect` (registered via `admin_post` hook).\n- **Secondary Action:** `get_posts_by_string` (registered via `wp_ajax` hook).\n- **Parameters:**\n  - `action`: `premmerce_delete_redirect`\n  - `id`: The integer ID of the redirect to be deleted.\n  - `_wpnonce`: (Potentially required) CSRF token.\n- **Authentication Level:** Authenticated (Subscriber and above).\n- **Preconditions:** At least one redirect must exist in the `wp_premmerce_redirects` table.\n\n## 3","The Premmerce Redirect Manager plugin for WordPress is vulnerable to unauthorized access and information disclosure due to missing capability checks and nonce verification on several AJAX and admin-post endpoints. Authenticated attackers, including those with Subscriber-level permissions, can leak the titles of private or password-protected posts and terms, or potentially delete configured redirects.","\u002F\u002F src\u002FAdmin\u002FAdmin.php @ line 125\npublic function getPostsByString()\n{\n    if (isset($_POST['type'])) {\n        $objects = $this->model->getPostsByString($_POST);\n\n        wp_send_json($objects);\n    }\n}\n\n---\n\n\u002F\u002F src\u002FRedirectModel.php @ line 166\npublic function getPostsByString($data)\n{\n    if (in_array($data['type'], array('product', 'post', 'page'))) {\n        $objects = (new \\WP_Query(array(\n            's'           => isset($data['s'])? $data['s'] : '',\n            'post_type'   => $data['type'],\n            'numberposts' => 10,\n        )))->posts;\n    } else {\n        $objects = get_terms(array(\n            'hide_empty' => false,\n            'search'     => isset($data['s'])? $data['s'] : '',\n            'taxonomy'   => $data['type'],\n        ));\n    }\n\n    return $objects;\n}\n\n---\n\n\u002F\u002F src\u002FAdmin\u002FAdmin.php @ line 116\nadd_action('admin_post_premmerce_delete_redirect', array($this, 'deleteRedirect'));\nadd_action('wp_ajax_get_posts_by_string', array($this, 'getPostsByString'));","diff -ru \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.12\u002Fassets\u002Fadmin\u002Fjs\u002Fpremmerce-redirect.js \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.13\u002Fassets\u002Fadmin\u002Fjs\u002Fpremmerce-redirect.js\n--- \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.12\u002Fassets\u002Fadmin\u002Fjs\u002Fpremmerce-redirect.js\t2018-01-11 08:14:08.000000000 +0000\n+++ \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.13\u002Fassets\u002Fadmin\u002Fjs\u002Fpremmerce-redirect.js\t2026-02-18 21:55:06.000000000 +0000\n@@ -13,6 +13,7 @@\n                         s: params.term,\n                         type: 'product',\n                         action: 'get_posts_by_string',\n+                        _wpnonce: premmerceRedirect.nonce,\n                     }\n                 },\n                 processResults: function(data) {\n@@ -39,6 +40,7 @@\n                         s: params.term,\n                         type: 'product_cat',\n                         action: 'get_posts_by_string',\n+                        _wpnonce: premmerceRedirect.nonce,\n                     }\n                 },\n                 processResults: function(data) {\n@@ -65,6 +67,7 @@\n                         s: params.term,\n                         type: 'category',\n                         action: 'get_posts_by_string',\n+                        _wpnonce: premmerceRedirect.nonce,\n                     }\n                 },\n                 processResults: function(data) {\n@@ -91,6 +94,7 @@\n                         s: params.term,\n                         type: 'post',\n                         action: 'get_posts_by_string',\n+                        _wpnonce: premmerceRedirect.nonce,\n                     }\n                 },\n                 processResults: function(data) {\n@@ -117,6 +121,7 @@\n                         s: params.term,\n                         type: 'page',\n                         action: 'get_posts_by_string',\n+                        _wpnonce: premmerceRedirect.nonce,\n                     }\n                 },\n                 processResults: function(data) {\ndiff -ru \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.12\u002Fsrc\u002FAdmin\u002FAdmin.php \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.13\u002Fsrc\u002FAdmin\u002FAdmin.php\n--- \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.12\u002Fsrc\u002FAdmin\u002FAdmin.php\t2023-08-23 11:19:54.000000000 +0000\n+++ \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.13\u002Fsrc\u002FAdmin\u002FAdmin.php\t2026-02-18 21:55:06.000000000 +0000\n@@ -248,8 +248,20 @@\n      *\u002F\n     public function getPostsByString()\n     {\n+        if (! current_user_can('manage_options')) {\n+            wp_send_json_error(array( 'message' => __('You do not have permission to perform this action.', 'premmerce-redirect') ), 403);\n+        }\n+\n+        if (! isset($_POST['_wpnonce']) || ! wp_verify_nonce(wp_unslash($_POST['_wpnonce']), 'premmerce_redirect_search')) {\n+            wp_send_json_error(array( 'message' => __('Security check failed.', 'premmerce-redirect') ), 403);\n+        }\n+\n         if (isset($_POST['type'])) {\n-            $objects = $this->model->getPostsByString($_POST);\n+            $data = array(\n+                'type' => sanitize_text_field($_POST['type']),\n+                's'    => isset($_POST['s']) ? sanitize_text_field($_POST['s']) : '',\n+            );\n+            $objects = $this->model->getPostsByString($data);\n \n             wp_send_json($objects);\n         }\n@@ -327,6 +339,9 @@\n     {\n         wp_enqueue_script('select2', $this->fileManager->locateAsset('admin\u002Fjs\u002Fselect2.min.js'));\n         wp_enqueue_script('premmerce-redirect', $this->fileManager->locateAsset('admin\u002Fjs\u002Fpremmerce-redirect.js'));\n+        wp_localize_script('premmerce-redirect', 'premmerceRedirect', array(\n+            'nonce' => wp_create_nonce('premmerce_redirect_search'),\n+        ));\n         wp_enqueue_style('select2', $this->fileManager->locateAsset('admin\u002Fcss\u002Fselect2.min.css'));\n         wp_enqueue_style('premmerce-redirect', $this->fileManager->locateAsset('admin\u002Fcss\u002Fpremmerce-redirect.css'));\ndiff -ru \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.12\u002Fsrc\u002FRedirectModel.php \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.13\u002Fsrc\u002FRedirectModel.php\n--- \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.12\u002Fsrc\u002FRedirectModel.php\t2018-08-21 13:20:46.000000000 +0000\n+++ \u002Fhome\u002Fdeploy\u002Fwp-safety.org\u002Fdata\u002Fplugin-versions\u002Fpremmerce-redirect-manager\u002F1.0.13\u002Fsrc\u002FRedirectModel.php\t2026-02-18 21:55:06.000000000 +0000\n@@ -166,18 +166,25 @@\n      *\u002F\n     public function getPostsByString($data)\n     {\n-        if (in_array($data['type'], array('product', 'post', 'page'))) {\n+        $allowed_post_types = array( 'product', 'post', 'page' );\n+        $allowed_taxonomies = array( 'product_cat', 'category' );\n+\n+        if (in_array($data['type'], $allowed_post_types, true)) {\n             $objects = (new \\WP_Query(array(\n-                's'           => isset($data['s'])? $data['s'] : '',\n-                'post_type'   => $data['type'],\n-                'numberposts' => 10,\n+                's'              => isset($data['s']) ? $data['s'] : '',\n+                'post_type'      => $data['type'],\n+                'posts_per_page' => 10,\n+                'has_password'   => false,\n+                'post_status'    => 'publish',\n             )))->posts;\n-        } else {\n+        } elseif (in_array($data['type'], $allowed_taxonomies, true)) {\n             $objects = get_terms(array(\n                 'hide_empty' => false,\n-                'search'     => isset($data['s'])? $data['s'] : '',\n+                'search'     => isset($data['s']) ? $data['s'] : '',\n                 'taxonomy'   => $data['type'],\n             ));\n+        } else {\n+            $objects = array();\n         }\n \n         return $objects;","The exploit targets the AJAX endpoint `get_posts_by_string` which is available to all authenticated users. \n\n1. Authentication: Log in as a low-privileged user (Subscriber).\n2. Request: Send a POST request to `\u002Fwp-admin\u002Fadmin-ajax.php`.\n3. Parameters: \n   - Set `action` to `get_posts_by_string`.\n   - Set `type` to a sensitive post type like `post`, `page`, or `product`.\n   - Set `s` to a search term (empty or specific string).\n4. Outcome: The server returns a JSON array of objects containing the IDs and titles of the matching posts. Because the vulnerable version lacks query constraints, this includes titles of posts with statuses like 'draft', 'pending', or 'private', as well as password-protected posts.","gemini-3-flash-preview","2026-04-18 02:08:42","2026-04-18 02:09:41",{"id":67,"url_slug":68,"title":69,"description":70,"plugin_slug":4,"theme_slug":37,"affected_versions":71,"patched_in_version":72,"severity":39,"cvss_score":73,"cvss_vector":74,"vuln_type":75,"published_date":76,"updated_date":77,"references":78,"days_to_patch":80,"patch_diff_files":81,"patch_trac_url":37,"research_status":37,"research_verified":56,"research_rounds_completed":27,"research_plan":37,"research_summary":37,"research_vulnerable_code":37,"research_fix_diff":37,"research_exploit_outline":37,"research_model_used":37,"research_started_at":37,"research_completed_at":37,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":56,"poc_model_used":37,"poc_verification_depth":37},"WF-b3d4f658-e9ce-490b-bcaa-1061a463dbb2-premmerce-redirect-manager","premmerce-redirect-manager-authenticated-administrator-stored-cross-site-scripting-2","Premmerce Redirect Manager \u003C= 1.0.11 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Premmerce Redirect Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to 1.0.12 (exclusive) due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.","\u003C1.0.12","1.0.12",4.4,"CVSS:3.1\u002FAV:N\u002FAC:H\u002FPR:H\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2023-11-13 00:00:00","2024-01-22 19:56:02",[79],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb3d4f658-e9ce-490b-bcaa-1061a463dbb2?source=api-prod",71,[],{"id":83,"url_slug":84,"title":85,"description":86,"plugin_slug":4,"theme_slug":37,"affected_versions":87,"patched_in_version":88,"severity":39,"cvss_score":40,"cvss_vector":89,"vuln_type":90,"published_date":91,"updated_date":77,"references":92,"days_to_patch":94,"patch_diff_files":95,"patch_trac_url":37,"research_status":37,"research_verified":56,"research_rounds_completed":27,"research_plan":37,"research_summary":37,"research_vulnerable_code":37,"research_fix_diff":37,"research_exploit_outline":37,"research_model_used":37,"research_started_at":37,"research_completed_at":37,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":56,"poc_model_used":37,"poc_verification_depth":37},"CVE-2023-23787","premmerce-redirect-manager-cross-site-request-forgery-via-deleteredirect","Premmerce Redirect Manager \u003C= 1.0.10 - Cross-Site Request Forgery via deleteRedirect()","The Premmerce Redirect Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.10. This is due to missing or incorrect nonce validation on the deleteRedirect() function called via an admin_post hook. This makes it possible for unauthenticated attackers to delete redirects via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.","\u003C=1.0.10","1.0.11","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Cross-Site Request Forgery (CSRF)","2023-03-30 00:00:00",[93],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F6d84fa60-f780-41e2-96dc-57057c646e01?source=api-prod",299,[],{"id":97,"url_slug":98,"title":99,"description":100,"plugin_slug":4,"theme_slug":37,"affected_versions":101,"patched_in_version":72,"severity":39,"cvss_score":73,"cvss_vector":74,"vuln_type":75,"published_date":91,"updated_date":77,"references":102,"days_to_patch":94,"patch_diff_files":104,"patch_trac_url":37,"research_status":37,"research_verified":56,"research_rounds_completed":27,"research_plan":37,"research_summary":37,"research_vulnerable_code":37,"research_fix_diff":37,"research_exploit_outline":37,"research_model_used":37,"research_started_at":37,"research_completed_at":37,"research_error":37,"poc_status":37,"poc_video_id":37,"poc_summary":37,"poc_steps":37,"poc_tested_at":37,"poc_wp_version":37,"poc_php_version":37,"poc_playwright_script":37,"poc_exploit_code":37,"poc_has_trace":56,"poc_model_used":37,"poc_verification_depth":37},"CVE-2023-23789","premmerce-redirect-manager-authenticated-administrator-stored-cross-site-scripting","Premmerce Redirect Manager \u003C= 1.0.9 - Authenticated (Administrator+) Stored Cross-Site Scripting","The Premmerce Redirect Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only impacts multi-site installations and installations where unfiltered_html has been disabled.","\u003C=1.0.9",[103],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fb2e8f9b7-1fce-46be-8198-eeff58a563c6?source=api-prod",[],{"slug":106,"display_name":7,"profile_url":8,"plugin_count":107,"total_installs":108,"avg_security_score":109,"avg_patch_time_days":110,"trust_score":111,"computed_at":112},"premmerce",14,59690,94,401,75,"2026-05-19T16:02:41.378Z",[],{"attackSurface":115,"codeSignals":168,"taintFlows":257,"riskAssessment":333,"analyzedAt":346},{"hooks":116,"ajaxHandlers":158,"restRoutes":164,"shortcodes":165,"cronEvents":166,"entryPointCount":167,"unprotectedCount":27},[117,123,126,131,135,140,144,149,153],{"type":118,"name":119,"callback":120,"file":121,"line":122},"action","admin_menu","addMenuPage","src\\Admin\\Admin.php",103,{"type":118,"name":119,"callback":124,"priority":13,"file":121,"line":125},"addFullPack",104,{"type":127,"name":128,"callback":129,"priority":27,"file":121,"line":130},"filter","pre_trash_post","createRedirectOnTrashProduct",107,{"type":118,"name":132,"callback":133,"file":121,"line":134},"untrashed_post","deleteRedirectOnUntrashProduct",108,{"type":118,"name":136,"callback":137,"priority":138,"file":121,"line":139},"save_post","createRedirectOnSavePost",10,111,{"type":118,"name":141,"callback":142,"file":121,"line":143},"admin_post_premmerce_delete_redirect","deleteRedirect",113,{"type":118,"name":145,"callback":146,"file":147,"line":148},"template_redirect","useRedirect","src\\RedirectPlugin.php",41,{"type":118,"name":150,"callback":151,"file":147,"line":152},"init","loadTextDomain",42,{"type":127,"name":154,"callback":155,"file":156,"line":157},"hide_account_tabs","__return_true","views\\admin\\tabs\\account.php",13,[159],{"action":160,"nopriv":56,"callback":161,"hasNonce":162,"hasCapCheck":162,"file":121,"line":163},"get_posts_by_string","getPostsByString",true,115,[],[],[],1,{"dangerousFunctions":169,"sqlUsage":170,"outputEscaping":177,"fileOperations":27,"externalRequests":27,"nonceChecks":57,"capabilityChecks":167,"bundledLibraries":249},[],{"prepared":171,"raw":167,"locations":172},9,[173],{"file":174,"line":175,"context":176},"src\\RedirectModel.php",23,"$wpdb->get_var() with variable interpolation",{"escaped":178,"rawEcho":179,"locations":180},15,40,[181,184,187,189,190,192,194,196,198,199,201,202,204,205,207,208,210,211,213,215,217,218,220,222,223,225,227,228,229,231,232,234,235,237,239,242,243,245,247,248],{"file":182,"line":46,"context":183},"views\\admin\\error-page.php","raw output",{"file":185,"line":186,"context":183},"views\\admin\\menu-page-edit.php",12,{"file":185,"line":188,"context":183},20,{"file":185,"line":175,"context":183},{"file":185,"line":191,"context":183},24,{"file":185,"line":193,"context":183},33,{"file":185,"line":195,"context":183},39,{"file":185,"line":197,"context":183},105,{"file":185,"line":197,"context":183},{"file":185,"line":200,"context":183},121,{"file":185,"line":200,"context":183},{"file":185,"line":203,"context":183},139,{"file":185,"line":203,"context":183},{"file":185,"line":206,"context":183},155,{"file":185,"line":206,"context":183},{"file":185,"line":209,"context":183},171,{"file":185,"line":209,"context":183},{"file":185,"line":212,"context":183},186,{"file":185,"line":214,"context":183},191,{"file":216,"line":171,"context":183},"views\\admin\\menu-page.php",{"file":216,"line":107,"context":183},{"file":216,"line":219,"context":183},34,{"file":216,"line":221,"context":183},120,{"file":216,"line":200,"context":183},{"file":216,"line":224,"context":183},137,{"file":216,"line":226,"context":183},138,{"file":216,"line":206,"context":183},{"file":216,"line":206,"context":183},{"file":216,"line":230,"context":183},169,{"file":216,"line":230,"context":183},{"file":216,"line":233,"context":183},183,{"file":216,"line":233,"context":183},{"file":216,"line":236,"context":183},205,{"file":238,"line":171,"context":183},"views\\admin\\menu-settings-page.php",{"file":240,"line":241,"context":183},"views\\admin\\redirects-search.php",7,{"file":156,"line":171,"context":183},{"file":244,"line":171,"context":183},"views\\admin\\tabs\\contact.php",{"file":246,"line":171,"context":183},"views\\admin\\tabs.php",{"file":246,"line":138,"context":183},{"file":246,"line":138,"context":183},[250,253],{"name":251,"version":37,"knownCves":252},"Select2",[],{"name":254,"version":255,"knownCves":256},"Freemius","1.0",[],[258,274,282,301,315],{"entryPoint":259,"graph":260,"unsanitizedCount":167,"severity":39},"useRedirect (src\\RedirectPlugin.php:66)",{"nodes":261,"edges":272},[262,267],{"id":263,"type":264,"label":265,"file":147,"line":266},"n0","source","$_SERVER",116,{"id":268,"type":269,"label":270,"file":147,"line":221,"wp_function":271},"n1","sink","wp_redirect() [Open Redirect]","wp_redirect",[273],{"from":263,"to":268,"sanitized":56},{"entryPoint":275,"graph":276,"unsanitizedCount":167,"severity":39},"\u003CRedirectPlugin> (src\\RedirectPlugin.php:0)",{"nodes":277,"edges":280},[278,279],{"id":263,"type":264,"label":265,"file":147,"line":266},{"id":268,"type":269,"label":270,"file":147,"line":221,"wp_function":271},[281],{"from":263,"to":268,"sanitized":56},{"entryPoint":283,"graph":284,"unsanitizedCount":167,"severity":300},"pageEdit (src\\Admin\\Admin.php:444)",{"nodes":285,"edges":297},[286,289,292],{"id":263,"type":264,"label":287,"file":121,"line":288},"$_GET['id']",448,{"id":268,"type":290,"label":291,"file":121,"line":288},"transform","→ getOneRedirectById()",{"id":293,"type":269,"label":294,"file":174,"line":295,"wp_function":296},"n2","get_row() [SQLi]",142,"get_row",[298,299],{"from":263,"to":268,"sanitized":56},{"from":268,"to":293,"sanitized":56},"high",{"entryPoint":302,"graph":303,"unsanitizedCount":167,"severity":300},"processingCreate (src\\Admin\\Admin.php:484)",{"nodes":304,"edges":312},[305,308,310],{"id":263,"type":264,"label":306,"file":121,"line":307},"$_POST",491,{"id":268,"type":290,"label":309,"file":121,"line":307},"→ getOneRedirectByOldUrl()",{"id":293,"type":269,"label":294,"file":174,"line":311,"wp_function":296},128,[313,314],{"from":263,"to":268,"sanitized":56},{"from":268,"to":293,"sanitized":56},{"entryPoint":316,"graph":317,"unsanitizedCount":14,"severity":300},"\u003CAdmin> (src\\Admin\\Admin.php:0)",{"nodes":318,"edges":328},[319,320,321,322,324,326],{"id":263,"type":264,"label":287,"file":121,"line":288},{"id":268,"type":290,"label":291,"file":121,"line":288},{"id":293,"type":269,"label":294,"file":174,"line":295,"wp_function":296},{"id":323,"type":264,"label":306,"file":121,"line":307},"n3",{"id":325,"type":290,"label":309,"file":121,"line":307},"n4",{"id":327,"type":269,"label":294,"file":174,"line":311,"wp_function":296},"n5",[329,330,331,332],{"from":263,"to":268,"sanitized":56},{"from":268,"to":293,"sanitized":56},{"from":323,"to":325,"sanitized":56},{"from":325,"to":327,"sanitized":56},{"summary":334,"deductions":335},"The 'premmerce-redirect-manager' plugin v1.0.13 exhibits a mixed security posture. While it has a small attack surface with no directly unprotected entry points identified, and a majority of its SQL queries utilize prepared statements, several concerning signals are present. The static analysis reveals that a significant portion of output is not properly escaped (only 27%), and importantly, all analyzed taint flows (5 out of 5) have unsanitized paths, with 3 classified as high severity. This indicates a strong potential for input validation and output sanitization weaknesses that could lead to vulnerabilities.\n\nThe vulnerability history, with 3 known medium severity CVEs primarily related to CSRF and XSS, and the most recent one in November 2023, reinforces these concerns. Although there are currently no unpatched CVEs, the recurring nature of these vulnerability types suggests systemic issues with input handling and output escaping within the plugin that have been exploited in the past. The presence of bundled libraries like Select2 and Freemius v1.0 also warrants attention, as outdated versions of these libraries can introduce their own security risks, although specific version details and associated CVEs are not provided here.\n\nIn conclusion, while the plugin demonstrates some good practices in terms of limiting its attack surface and using prepared statements for SQL, the high number of unsanitized taint flows and the historical prevalence of XSS and CSRF vulnerabilities are significant red flags. The low rate of properly escaped output directly contributes to the risk of XSS. The plugin requires careful review and potential remediation to address the identified taint flow issues and to ensure more robust output sanitization to prevent future security incidents.",[336,338,340,342,344],{"reason":337,"points":188},"High severity taint flows with unsanitized paths",{"reason":339,"points":178},"Low percentage of properly escaped output",{"reason":341,"points":57},"Bundled Select2 library",{"reason":343,"points":57},"Bundled Freemius library",{"reason":345,"points":171},"Medium severity CVEs in history","2026-03-16T19:32:18.065Z",{"wat":348,"direct":361},{"assetPaths":349,"generatorPatterns":354,"scriptPaths":355,"versionParams":356},[350,351,352,353],"\u002Fwp-content\u002Fplugins\u002Fpremmerce-redirect-manager\u002Fassets\u002Fcss\u002Ffrontend.css","\u002Fwp-content\u002Fplugins\u002Fpremmerce-redirect-manager\u002Fassets\u002Fjs\u002Ffrontend.js","\u002Fwp-content\u002Fplugins\u002Fpremmerce-redirect-manager\u002Fassets\u002Fcss\u002Fadmin.css","\u002Fwp-content\u002Fplugins\u002Fpremmerce-redirect-manager\u002Fassets\u002Fjs\u002Fadmin.js",[],[],[357,358,359,360],"premmerce-redirect-manager\u002Fassets\u002Fcss\u002Ffrontend.css?ver=","premmerce-redirect-manager\u002Fassets\u002Fjs\u002Ffrontend.js?ver=","premmerce-redirect-manager\u002Fassets\u002Fcss\u002Fadmin.css?ver=","premmerce-redirect-manager\u002Fassets\u002Fjs\u002Fadmin.js?ver=",{"cssClasses":362,"htmlComments":369,"htmlAttributes":370,"restEndpoints":375,"jsGlobals":378,"shortcodeOutput":380},[363,364,365,366,367,368],"premmerce-redirect-manager-table","premmerce-redirect-manager-btn-success","premmerce-redirect-manager-btn-danger","premmerce-redirect-manager-btn-warning","premmerce-redirect-manager-add-redirect-form","premmerce-redirect-manager-input-group",[],[371,372,373,374],"data-type=\"redirect\"","data-old-url","data-new-url","data-redirect-method",[376,377],"\u002Fwp-json\u002Fpremmerce-redirect-manager\u002Fv1\u002Fredirects","\u002Fwp-json\u002Fpremmerce-redirect-manager\u002Fv1\u002Fredirects\u002F(?P\u003Cid>[\\d]+)",[379],"premmerceRedirectManager",[],{"error":162,"url":382,"statusCode":383,"statusMessage":384,"message":384},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fpremmerce-redirect-manager\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":107,"versions":386},[387,392,399,408,419,430,441,452,463,474,485,496,507,518],{"version":6,"download_url":24,"svn_tag_url":388,"released_at":37,"has_diff":56,"diff_files_changed":389,"diff_lines":37,"trac_diff_url":390,"vulnerabilities":391,"is_current":162},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.13\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.12&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.13",[],{"version":72,"download_url":393,"svn_tag_url":394,"released_at":37,"has_diff":56,"diff_files_changed":395,"diff_lines":37,"trac_diff_url":396,"vulnerabilities":397,"is_current":56},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.12.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.12\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.11&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.12",[398],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"version":88,"download_url":400,"svn_tag_url":401,"released_at":37,"has_diff":56,"diff_files_changed":402,"diff_lines":37,"trac_diff_url":403,"vulnerabilities":404,"is_current":56},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.11.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.11\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.10&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.11",[405,406,407],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":409,"download_url":410,"svn_tag_url":411,"released_at":37,"has_diff":56,"diff_files_changed":412,"diff_lines":37,"trac_diff_url":413,"vulnerabilities":414,"is_current":56},"1.0.10","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.10.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.10\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.9&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.10",[415,416,417,418],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":420,"download_url":421,"svn_tag_url":422,"released_at":37,"has_diff":56,"diff_files_changed":423,"diff_lines":37,"trac_diff_url":424,"vulnerabilities":425,"is_current":56},"1.0.9","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.9.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.9\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.8&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.9",[426,427,428,429],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":431,"download_url":432,"svn_tag_url":433,"released_at":37,"has_diff":56,"diff_files_changed":434,"diff_lines":37,"trac_diff_url":435,"vulnerabilities":436,"is_current":56},"1.0.8","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.8.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.8\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.7&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.8",[437,438,439,440],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":442,"download_url":443,"svn_tag_url":444,"released_at":37,"has_diff":56,"diff_files_changed":445,"diff_lines":37,"trac_diff_url":446,"vulnerabilities":447,"is_current":56},"1.0.7","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.7.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.7\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.6&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.7",[448,449,450,451],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":453,"download_url":454,"svn_tag_url":455,"released_at":37,"has_diff":56,"diff_files_changed":456,"diff_lines":37,"trac_diff_url":457,"vulnerabilities":458,"is_current":56},"1.0.6","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.6.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.6\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.5&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.6",[459,460,461,462],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":464,"download_url":465,"svn_tag_url":466,"released_at":37,"has_diff":56,"diff_files_changed":467,"diff_lines":37,"trac_diff_url":468,"vulnerabilities":469,"is_current":56},"1.0.5","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.5.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.5\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.4&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.5",[470,471,472,473],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":475,"download_url":476,"svn_tag_url":477,"released_at":37,"has_diff":56,"diff_files_changed":478,"diff_lines":37,"trac_diff_url":479,"vulnerabilities":480,"is_current":56},"1.0.4","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.4.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.4\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.3&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.4",[481,482,483,484],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":486,"download_url":487,"svn_tag_url":488,"released_at":37,"has_diff":56,"diff_files_changed":489,"diff_lines":37,"trac_diff_url":490,"vulnerabilities":491,"is_current":56},"1.0.3","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.3.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.3\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.2&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.3",[492,493,494,495],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":497,"download_url":498,"svn_tag_url":499,"released_at":37,"has_diff":56,"diff_files_changed":500,"diff_lines":37,"trac_diff_url":501,"vulnerabilities":502,"is_current":56},"1.0.2","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.2.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.2\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.1&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.2",[503,504,505,506],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":508,"download_url":509,"svn_tag_url":510,"released_at":37,"has_diff":56,"diff_files_changed":511,"diff_lines":37,"trac_diff_url":512,"vulnerabilities":513,"is_current":56},"1.0.1","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.1.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0.1\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0&new_path=%2Fpremmerce-redirect-manager%2Ftags%2F1.0.1",[514,515,516,517],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"version":255,"download_url":519,"svn_tag_url":520,"released_at":37,"has_diff":56,"diff_files_changed":521,"diff_lines":37,"trac_diff_url":37,"vulnerabilities":522,"is_current":56},"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpremmerce-redirect-manager.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpremmerce-redirect-manager\u002Ftags\u002F1.0\u002F",[],[523,524,525,526],{"id":33,"url_slug":34,"title":35,"severity":39,"cvss_score":40,"vuln_type":42,"patched_in_version":6},{"id":83,"url_slug":84,"title":85,"severity":39,"cvss_score":40,"vuln_type":90,"patched_in_version":88},{"id":97,"url_slug":98,"title":99,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72},{"id":67,"url_slug":68,"title":69,"severity":39,"cvss_score":73,"vuln_type":75,"patched_in_version":72}]