Lucene search
K

32 matches found

OSV
OSV
added 2023/01/16 4:15 p.m.3 views

CVE-2022-4199

The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.5 views

PT-2023-14057 · WordPress · Link Library

Name of the Vulnerable Software and Affected Versions: Link Library WordPress plugin versions prior to 7.4.1 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example in...

4.8CVSS8.1AI score0.0047EPSS
Exploits2References6
CNVD
CNVD
added 2022/02/10 12:0 a.m.13 views

WordPress Link Library plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress Link Library plugin prior to 7.2.9, which stems from the plugin's failure to clean and escape settingscopy parameters befo...

6.1CVSS1.7AI score0.008EPSS
Exploits2References1
OSV
OSV
added 2022/02/01 1:15 p.m.2 views

CVE-2021-25092

The Link Library WordPress plugin before 7.2.8 does not have CSRF check when resetting library settings, allowing attackers to make a logged in admin reset arbitrary settings via a CSRF attack...

6.5CVSS6.7AI score
Exploits0References1
CNNVD
CNNVD
added 2022/02/01 12:0 a.m.6 views

WordPress 安全漏洞

WordPress plugin is a WordPress application plugin. WordPress Link Library plugin versions prior to 7.2.8 have an arbitrary link removal vulnerability, which stems from unauthorized removal of links, and can be exploited by attackers to remove arbitrary links via carefully crafted requests...

7.5CVSS5.8AI score0.01196EPSS
Exploits2References2
CNNVD
CNNVD
added 2022/02/01 12:0 a.m.6 views

WordPress plugin 跨站脚本漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress Link Library plugin prior to 7.2.9, which stems from the plugin's failure to clean and escape settingscopy parameters befo...

6.1CVSS4.8AI score0.008EPSS
Exploits2References2
Patchstack
Patchstack
added 2021/12/30 12:0 a.m.17 views

WordPress Link Library plugin <= 7.2.8 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Link Library plugin versions = 7.2.8. Solution Update the WordPress Link Library plugin to the latest available version at least 7.2.9...

6.1CVSS2.3AI score0.008EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.9 views

WordPress Link Library Plugin <= 5.1.6 - SQL Injection

Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Update the plugin...

6.2AI score
Exploits0Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.9 views

WordPress Link Library Plugin <= 5.0.8 - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Vulnerable parameter "id". Solution Update the plugin...

2.3AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.10 views

Link Library 5.0.8 - wp-content/plugins/link-library/tracker.php id Parameter XSS

The Link Library WordPress plugin was affected by a wp-content/plugins/link-library/tracker.php id Parameter XSS security vulnerability...

2.8AI score
Exploits0Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

WordPress Link Library plugin <= 5.2.1 - SQL Injection

No description provided by source. Exploit Title: WordPress Link Library plugin = 5.2.1 SQL Injection Vulnerability Date: 2011-09-16 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/link-library.zip Version: 5.2.1 tested Note:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2011/09/25 12:0 a.m.12 views

WordPress Link Library plugin &lt;= 5.2.1 SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Link Library plugin = 5.2.1 SQL Injection Vulnerability Date: 2011-09-16 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/link-library.zip Version: 5.2.1 tested Note:...

7.1AI score
Exploits0
Rows per page
Query Builder