CVE-2023-25973

Cross-Site Request Forgery CSRF vulnerability in Lucian Apostol Auto Affiliate Links plugin = 6.3.0.2 versions...

PT-2025-51199

The URL Shortify WordPress plugin before 1.11.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EUVD-2016-5815

Malware in sbrugna...

EUVD-2015-9335

Malware in sbrugna...

EUVD-2015-9312

Malware in sbrugna...

EUVD-2024-50031

Malicious code in bioql PyPI...

EUVD-2022-24873

Malicious code in bioql PyPI...

EUVD-2022-49924

Malicious code in bioql PyPI...

WordPress plugin WP Dynamic Links 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress WP Dynamic Links plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin WP Dynamic Links versions = 1.0.1...

CVE-2024-9578

The Hide Links plugin for WordPress is vulnerable to unauthorized shortcode execution due to doshortcode being hooked through the commenttext filter in all versions up to and including 1.4.2. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes available on the...

CVE-2023-52175

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Michael Uno miunosoft Auto Amazon Links – Amazon Associates Affiliate Plugin allows Stored XSS.This issue affects Auto Amazon Links – Amazon Associates Affiliate Plugin: from n/a through 5.1.1...

CVE-2022-47149

Cross-Site Request Forgery CSRF vulnerability in Pretty Links plugin = 3.4.0 versions...

WordPress plugin Affiliate Links 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-25135 WordPress Custom Links On Admin Dashboard Toolbar plugin <= 3.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Victor Barkalov Custom Links On Admin Dashboard Toolbar customize-wpadmin allows Stored XSS.This issue affects Custom Links On Admin Dashboard Toolbar: from n/a through = 3.3...

WordPress Social Links plugin <= 1.0.11 - Stored Cross-Site Scripting vulnerability

Stored Cross-Site Scripting vulnerability discovered by Abdi Pranata in WordPress Plugin Social Links versions = 1.0.11...

WordPress Social Links plugin <= 1.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Tri Doan in WordPress Plugin Social Links versions = 1.2...

WordPress LJ Custom Menu Links Plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin LJ Custom Menu Links versions = 2.5...

WordPress Post-to-Post Links plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin Post-to-Post Links versions = 4.2...

CVE-2024-9578

The Hide Links plugin for WordPress is vulnerable to unauthorized shortcode execution due to doshortcode being hooked through the commenttext filter in all versions up to and including 1.4.2. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes available on the...