EUVD-2025-30309

Malicious code in bioql PyPI...

CVE-2025-9949

The Internal Links Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the link deletion functionality in the processbulkaction function. This makes it possible for...

CVE-2025-9949

The Internal Links Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the link deletion functionality in the processbulkaction function. This makes it possible for...

CVE-2025-9949 Internal Links Manager <= 3.0.1 - Cross-Site Request Forgery

The Internal Links Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the link deletion functionality in the processbulkaction function. This makes it possible for...

CVE-2025-9949 Internal Links Manager <= 3.0.1 - Cross-Site Request Forgery

The Internal Links Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the link deletion functionality in the processbulkaction function. This makes it possible for...

CVE-2025-9949

CVE-2025-9949 (Internal Links Manager for WordPress) is a CSRF vulnerability present in all versions up to 3.0.1 due to missing or incorrect nonce validation in the link deletion path (process_bulk_action). This allows unauthenticated attackers to delete SEO links by tricking an administrator int...

WordPress Internal Links Manager plugin <= 3.0.1 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by WordFence in WordPress Plugin Internal Links Manager versions = 3.0.1...

WordPress plugin Internal Links Manager 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

PT-2025-38632

Name of the Vulnerable Software and Affected Versions Internal Links Manager plugin for WordPress versions through 3.0.1 Description The Internal Links Manager plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the link deletion...

CVE-2025-24679

Missing Authorization vulnerability in webraketen Internal Links Manager seo-automated-link-building allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Internal Links Manager: from n/a through = 2.5.2...

CVE-2025-24679

Missing Authorization vulnerability in webraketen Internal Links Manager seo-automated-link-building allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Internal Links Manager: from n/a through = 2.5.2...

CVE-2025-24679

CVE-2025-24679 is a Missing Authorization (broken access control) vulnerability in the WordPress plugin Internal Links Manager, affecting versions up to 2.5.2. The issue allows exploitation of incorrectly configured access control security levels. Reported details from NVD/Red Hat indicate an act...

WordPress Internal Links Manager plugin <= 2.5.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Caesar Evan Santoso in WordPress Plugin Internal Links Manager versions = 2.5.2...

WordPress plugin Internal Links Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress Internal Links Manager plugin <= 2.1.0 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities found by Chevon Phillip in WordPress Internal Links Manager plugin versions = 2.1.0. Solution 2020-12-28 - we were unable to find a patched version of this plugin. Notification from WordPress.org - "This plugin has been closed...

Internal Links Manager < 2.1.1 - Multiple Authenticated Stored Cross-Site Scripting (XSS)

Due to lack of user input filtering and validation, the "Add New Link" and "All Links" features are vulnerable to cross-site scripting. The following fields are vulnerable: Internal Title title, Link Title titleattr. Issues were reported to vendor and WP plugins team by reporter. Edit WPScanTeam:...