WordPress Short Link plugin cross-site scripting vulnerability

WordPress Short Link plugin is a class of tools for generating and managing short links Shortlinks. A cross-site scripting vulnerability exists in the WordPress Short Link plugin, which stems from insufficient input cleanup and output escaping of the shortlinkposttitle and shortlinkpagetitle...

CVE-2026-0813 Short Link <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Administration Settings Page

The Short Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'shortlinkposttitle' and 'shortlinkpagetitle' parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

EUVD-2026-2523

The Short Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'shortlinkposttitle' and 'shortlinkpagetitle' parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

CVE-2026-0813 Short Link <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Administration Settings Page

The Short Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'shortlinkposttitle' and 'shortlinkpagetitle' parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

WordPress plugin Short Link 跨站脚本漏洞

WordPress Short Link plugin is a class of tools for generating and managing short links Shortlinks. A cross-site scripting vulnerability exists in the WordPress Short Link plugin, which stems from insufficient input cleanup and output escaping of the shortlinkposttitle and shortlinkpagetitle...

PT-2026-2845

The Short Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'short link post title' and 'short link page title' parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

WordPress Short Link plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Administration Settings Page vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Administration Settings Page vulnerability discovered by 0x34rth in WordPress Plugin Short Link versions = 1.0...

Malicious code in short-link-sharer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 735cc774b56e67d8c340132e845f7d6aa2bed09a124ecb6881b05ecc323d28af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10860 Malicious code in short-link-sharer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 735cc774b56e67d8c340132e845f7d6aa2bed09a124ecb6881b05ecc323d28af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress plugin Short URL 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

Short Link System 跨站脚本漏洞

Short Link System is an application from the Tech Cloud team that makes long links short in seconds. A cross-site scripting vulnerability exists in Short Link System version 1.0.0, which stems from a cross-site scripting XSS vulnerability in the parameter url of the file admin.php...

PT-2023-17109 · WordPress · Short Url Plugin

Name of the Vulnerable Software and Affected Versions: Short URL plugin for WordPress versions up to, and including, 1.6.4 Description: The issue arises from insufficient input sanitization and output escaping, allowing stored Cross-Site Scripting attacks via the comment parameter. This enables...

YOURLS 跨站脚本漏洞

YOURLS is an open source PHP-based short link platform. yourls suffers from a cross-site scripting vulnerability that arises from the program's susceptibility to incorrect input and cross-site scripting during page generation...

Text messages and the Bitcoin Code: follow the money trail

I was a bit surprised to receive lots of messages similar to the one below this past week: I mean, we've all done it—managed a bulk text spam campaign offering free Bitcoins in your spare time, while completely forgetting said business exists. Maybe I did it in my sleep? It's all gone a bit Fight...