32 matches found
CVE-2022-4199
The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
PT-2023-14057 · WordPress · Link Library
Name of the Vulnerable Software and Affected Versions: Link Library WordPress plugin versions prior to 7.4.1 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example in...
WordPress Link Library plugin cross-site scripting vulnerability
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress Link Library plugin prior to 7.2.9, which stems from the plugin's failure to clean and escape settingscopy parameters befo...
CVE-2021-25092
The Link Library WordPress plugin before 7.2.8 does not have CSRF check when resetting library settings, allowing attackers to make a logged in admin reset arbitrary settings via a CSRF attack...
WordPress 安全漏洞
WordPress plugin is a WordPress application plugin. WordPress Link Library plugin versions prior to 7.2.8 have an arbitrary link removal vulnerability, which stems from unauthorized removal of links, and can be exploited by attackers to remove arbitrary links via carefully crafted requests...
WordPress plugin 跨站脚本漏洞
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress Link Library plugin prior to 7.2.9, which stems from the plugin's failure to clean and escape settingscopy parameters befo...
WordPress Link Library plugin <= 7.2.8 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by Krzysztof Zając in WordPress Link Library plugin versions = 7.2.8. Solution Update the WordPress Link Library plugin to the latest available version at least 7.2.9...
WordPress Link Library Plugin <= 5.1.6 - SQL Injection
Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Update the plugin...
WordPress Link Library Plugin <= 5.0.8 - Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Vulnerable parameter "id". Solution Update the plugin...
Link Library 5.0.8 - wp-content/plugins/link-library/tracker.php id Parameter XSS
The Link Library WordPress plugin was affected by a wp-content/plugins/link-library/tracker.php id Parameter XSS security vulnerability...
WordPress Link Library plugin <= 5.2.1 - SQL Injection
No description provided by source. Exploit Title: WordPress Link Library plugin = 5.2.1 SQL Injection Vulnerability Date: 2011-09-16 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/link-library.zip Version: 5.2.1 tested Note:...
WordPress Link Library plugin <= 5.2.1 SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Link Library plugin = 5.2.1 SQL Injection Vulnerability Date: 2011-09-16 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/link-library.zip Version: 5.2.1 tested Note:...