16 matches found
CVE-2026-1277 URL Shortify <= 1.12.1 - Unauthenticated Open Redirect via 'redirect_to' Parameter
The URL Shortify plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.12.1 due to insufficient validation on the 'redirect_to' parameter in the promotional dismissal handler. This makes it possible for unauthenticated attackers to redirect users to potentiall...
WordPress ClickWhale - Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin <= 2.4.1 - Reflected Cross-Site Scripting vulnerability
WordPress ClickWhale - Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin <= 2.4.1 - Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin ClickWhale versions <= 2.4.1...
WordPress plugin URL Shortener security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
CVE-2018-25057
A vulnerability was found in simplephplinkshortener. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument $link["id"] leads to SQL injection. The name of the patch is b26ac6480761635ed94ccb0222ba6b732de6e53f. It is recommended t...
CVE-2024-11327
The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.4.1...
CVE-2024-51715
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages allows Blind SQL Injection. This issue affects ClickWhale – Link Manager, Link Shortener and...
CVE-2024-51715
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale clickwhale allows Blind SQL Injection. This issue affects ClickWhale: from n/a through <= 2.4.1...
CVE-2024-51715 WordPress ClickWhale plugin <= 2.4.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale clickwhale allows Blind SQL Injection. This issue affects ClickWhale: from n/a through <= 2.4.1...
CVE-2023-23896
Missing Authorization vulnerability in MyThemeShop URL Shortener by MyThemeShop. This issue affects URL Shortener by MyThemeShop: from n/a through 1.0.17...
Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected
The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infect over 10,800 websites. "The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense ID...
PT-2022-8067 · Unknown · Simple Php Link Shortener
Name of the Vulnerable Software and Affected Versions: simple php link shortener (affected versions not specified). Description: A critical issue was found in simple php link shortener, affecting an unknown function of the file index.php. The manipulation of the argument link["id"] leads to sql...
PT-2022-12972
Name of the Vulnerable Software and Affected Versions: YOURLS versions prior to 1.8.3. Description: The issue is related to Cross-Site Request Forgery (CSRF) in the YOURLS repository. This allows an attacker to perform unintended actions on a user's account. Recommendations: For versions prior to 1.8.3...
X (Formerly Twitter): Link-shortener bypass (regression on fix for #1032610)
Report 1032610, entitled "Chained open redirects and use of Ideographic Full Stop defeat Twitter's approach to blocking links", was closed as Resolved about six months ago. However, a regression on the fix for the vulnerability in question seems to have occurred, and the bug is reproducible with the...
X (Formerly Twitter): Bypass t.co link shortener in Twitter direct messages
The researcher demonstrated a way to create a link that will not be replaced with a safe shortened t.co URL, by sending Direct Messages containing more than 50 t.co links to another Twitter user. If the recipient views the message using Twitter’s Android app, and clicks the 51st link in the...
Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection
No description provided by source. Author: L0rd CrusAd3r aka VSN. Exploit Title: Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection Vulnerability. Vendor URL: http://www.miniweb2.com/ Version: 2.0. Price: 250$. Published: 2010-06-10. Greetz to: Sid3^effects, MaYu...