CVE-2025-58231 WordPress Bitly plugin <= 2.8.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bitlydeveloper Bitly wp-bitly allows Stored XSS.This issue affects Bitly: from n/a through = 2.8.0...

PT-2025-38896

Name of the Vulnerable Software and Affected Versions Bitly versions through 2.7.4 Description A flaw exists in Bitly that allows for Stored Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The vulnerability could potentially allow an...

WordPress plugin Bitly 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

CVE-2025-30629

Cross-Site Request Forgery CSRF vulnerability in Codehaveli Bitly URL Shortener codehaveli-bitly-url-shortener allows Cross Site Request Forgery.This issue affects Bitly URL Shortener: from n/a through = 1.4.1...

CVE-2025-30629

Cross-Site Request Forgery CSRF vulnerability in Codehaveli Bitly URL Shortener codehaveli-bitly-url-shortener allows Cross Site Request Forgery.This issue affects Bitly URL Shortener: from n/a through = 1.4.1...

CVE-2025-30629 WordPress Bitly URL Shortener plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Codehaveli Bitly URL Shortener codehaveli-bitly-url-shortener allows Cross Site Request Forgery.This issue affects Bitly URL Shortener: from n/a through = 1.4.1...

CVE-2025-30629 WordPress Bitly URL Shortener plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Codehaveli Bitly URL Shortener codehaveli-bitly-url-shortener allows Cross Site Request Forgery.This issue affects Bitly URL Shortener: from n/a through = 1.4.1...

CVE-2025-30629

CVE-2025-30629 is a CSRF vulnerability in Codehaveli Bitly URL Shortener (WordPress plugin) affecting versions up to 1.3.3. Public details confirm CSRF as the issue, with CVSS 3.1 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) base score 4.3 (Medium). Connected sources (Wordfence, Red Hat) list the vulner...

WordPress plugin Bitly URL Shortener 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2025-24149 · Codehaveli · Codehaveli Bitly Url Shortener

Name of the Vulnerable Software and Affected Versions: Codehaveli Bitly URL Shortener versions 1.3.3 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows for Cross Site Request Forgery. Recommendations: For Codehaveli Bitly URL Shortener versions 1.3...

WordPress Bitly URL Shortener plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Bitly URL Shortener versions = 1.4.1...

CVE-2024-12616

The Bitly's WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 2.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, t...

CVE-2023-5577

The Bitly's plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpbitly' shortcode in all versions up to, and including, 2.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

CVE-2025-23674

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in andygauk Bit.ly linker bitly-linker allows Reflected XSS.This issue affects Bit.ly linker: from n/a through = 1.1...

PT-2025-5012 · Bitly · Bit.Ly Linker

Name of the Vulnerable Software and Affected Versions: Bit.ly linker versions n/a through 1.1 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Reflected XSS. This enables potential attackers to...

WordPress Bit.ly linker plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Bit.ly linker versions = 1.1...

CVE-2024-12616

The Bitlys WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 2.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVE-2024-12616 Bitly's WordPress Plugin <= 2.7.3 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Bitlys WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 2.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVE-2024-12616 Bitly's WordPress Plugin <= 2.7.3 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Bitlys WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 2.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

WordPress plugin Bitly WordPress Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...