Lucene search
+L

79 matches found

NVD
NVD
added 2026/06/29 3:16 p.m.9 views

CVE-2026-57333

Unauthenticated Cross Site Scripting XSS in Link Whisper Free = 0.9.4 versions...

7.1CVSS0.00146EPSS
Exploits0References1
CVE
CVE
added 2026/06/29 1:36 p.m.28 views

CVE-2026-57333

CVE-2026-57333 describes an unauthenticated reflected Cross Site Scripting (XSS) vulnerability in the WordPress plugin Link Whisper Free , affecting versions up to and including 0.9.4 . The connected sources consistently identify it as a reflected XSS issue in the Free plugin; no root-cause detai...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/29 1:36 p.m.8 views

EUVD-2026-40104

Unauthenticated Cross Site Scripting XSS in Link Whisper Free = 0.9.4 versions...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 1:36 p.m.6 views

CVE-2026-57333

Unauthenticated Cross Site Scripting XSS in Link Whisper Free = 0.9.4 versions...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/29 1:36 p.m.30 views

CVE-2026-57333 WordPress Link Whisper Free plugin <= 0.9.4 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Link Whisper Free = 0.9.4 versions...

7.1CVSS0.00146EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/09 3:56 p.m.85 views

Exploit for CVE-2025-11262

CVE Lab: CVE-2025-11262 - Link Whisper Free Unauthenticated St...

7.2CVSS5.4AI score0.00233EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.12 views

CVE-2025-11262

The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the userid parameter in all versions up to, and including, 0.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS5.7AI score0.00233EPSS
Exploits1References1
NVD
NVD
added 2026/05/29 8:16 a.m.16 views

CVE-2025-11262

The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the userid parameter in all versions up to, and including, 0.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS0.00233EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/05/29 6:43 a.m.12 views

CVE-2025-11262

The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the userid parameter in all versions up to, and including, 0.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS6AI score0.00233EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/29 6:43 a.m.13 views

EUVD-2025-209983

The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the userid parameter in all versions up to, and including, 0.9.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

7.2CVSS6AI score0.00233EPSS
Exploits1References3
CVE
CVE
added 2026/05/29 6:43 a.m.31 views

CVE-2025-11262

The CVE concerns the WordPress plugin Link Whisper Free (up to version 0.9.0). It is an unauthenticated stored XSS via the REST endpoint where the attacker-supplied value in the user_id parameter is persisted and later rendered in the admin UI, enabling JavaScript execution when a privileged admi...

7.2CVSS6AI score0.00233EPSS
In wildExploits1References3
RedhatCVE
RedhatCVE
added 2026/02/21 7:29 p.m.5 views

CVE-2026-22357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through = 0.9.2...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 4:22 p.m.11 views

CVE-2026-22357

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through = 0.9.2...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:47 p.m.16 views

CVE-2026-22357

CVE-2026-22357 corresponds to a Reflected XSS in the WordPress Link Whisper Free plugin (versions up to 0.9.2 as stated in the initial document). The vulnerability involves improper input handling during web page generation, enabling reflected cross-site scripting. The connected Wordfence summary...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/20 3:47 p.m.25 views

CVE-2026-22357 WordPress Link Whisper Free plugin <= 0.9.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through = 0.9.2...

7.1CVSS0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.7 views

PT-2026-21203

Name of the Vulnerable Software and Affected Versions Link Whisper versions prior to 0.9.0 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-Site Scripting XSS issue. This allows an attacker to...

5.4AI score0.0018EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/02/16 11:57 a.m.7 views

WordPress Link Whisper Free plugin <= 0.9.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin Link Whisper Free versions = 0.9.1...

7.1CVSS5.2AI score0.0018EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/10 5:41 a.m.4 views

CVE-2025-67927

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through = 0.8.8...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/01/08 10:15 a.m.5 views

CVE-2025-67927

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through = 0.8.8...

7.1CVSS0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/08 9:17 a.m.3 views

CVE-2025-67927 WordPress Link Whisper Free plugin <= 0.8.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spencer Haws Link Whisper Free link-whisper allows Reflected XSS.This issue affects Link Whisper Free: from n/a through = 0.8.8...

7.1CVSS6AI score0.0018EPSS
Exploits0References1
Rows per page
Query Builder