CVE-2023-45058

Cross-Site Request Forgery CSRF vulnerability in KaizenCoders Short URL plugin = 1.6.8 versions...

EUVD-2023-49379

Malicious code in bioql PyPI...

EUVD-2023-23836

Malicious code in bioql PyPI...

CVE-2023-2921 Short URL <= 1.6.8 - Subscriber+ SQLi

The Short URL WordPress plugin through 1.6.8 does not properly sanitise and escape a parameter before using it in SQL statement, leading to a SQL injection exploitable by users with relatively low privilege on the site, like subscribers...

CVE-2023-2921 Short URL <= 1.6.8 - Subscriber+ SQLi

The Short URL WordPress plugin through 1.6.8 does not properly sanitise and escape a parameter before using it in SQL statement, leading to a SQL injection exploitable by users with relatively low privilege on the site, like subscribers...

CVE-2023-2921

The CVE-2023-2921 entry concerns the WordPress Short URL plugin (versions ≤ 1.6.8). A parameter is not properly sanitised/escaped before its use in an SQL statement, enabling SQL injection. Impact is stated as exploitable by users with low privileges (e.g., subscribers). Affected component is the...

WordPress plugin Short URL 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2025-24017 · WordPress · Short Url Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Short URL WordPress plugin versions 1.6.8 and earlier Description: The issue is related to a SQL injection problem. The Short URL WordPress plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading t...

CVE-2023-1604

The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8. This is due to missing or incorrect nonce validation on the configurationpage function. This makes it possible for unauthenticated attackers to add and import redirects, includi...

WordPress plugin Short URL 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

CVE-2023-1604 Short URL <= 1.6.8 - Cross-Site Request Forgery via configuration_page

The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8. This is due to missing or incorrect nonce validation on the configurationpage function. This makes it possible for unauthenticated attackers to add and import redirects, includi...

WordPress Short URL plugin <= 1.6.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Short URL versions = 1.6.8...

WordPress Short URL Plugin <= 1.6.8 is vulnerable to Broken Access Control

Software Short URL Type Plugin Vulnerable versions = 1.6.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47225 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 80acb0670d7b Credits Abdi Pranata Required privilege...

CVE-2023-45058

Cross-Site Request Forgery CSRF vulnerability in KaizenCoders Short URL plugin = 1.6.8 versions...

CVE-2023-45058

Cross-Site Request Forgery CSRF vulnerability in KaizenCoders Short URL plugin = 1.6.8 versions...

CVE-2023-45058 WordPress Short URL Plugin <= 1.6.8 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in KaizenCoders Short URL plugin = 1.6.8 versions...

WordPress plugin Short URL cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2023-3130

The Short URL WordPress plugin before 1.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Cross site scripting

The Short URL WordPress plugin before 1.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-3130 Short URL < 1.6.5 - Admin+ Cross Site Scripting

The Short URL WordPress plugin before 1.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...