CVE-2025-58231

The CVE CVE-2025-58231 affects Bitly’s WordPress plugin (Bitly) up to version 2.7.4. It is a Stored XSS due to Improper Neutralization of Input During Web Page Generation. Product/impact details beyond this description (remediation, patches) are not provided in the documents.

CVE-2025-58231 WordPress Bitly plugin <= 2.8.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bitlydeveloper Bitly wp-bitly allows Stored XSS.This issue affects Bitly: from n/a through = 2.8.0...

WordPress Bitly plugin <= 2.7.3 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Update vulnerability discovered by Lucio Sá in WordPress Plugin Bitly versions = 2.7.3...

WordPress Bitly Plugin <= 2.7.2 is vulnerable to Broken Access Control

Software Bitly Type Plugin Vulnerable versions = 2.7.2 Fixed in 2.7.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43209 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 1d22e84d1285 Credits Abdi Pranata Required privilege...

WordPress Bitly Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Bitly Type Plugin Vulnerable versions = 2.7.1 Fixed in 2.7.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5577 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b8be7a26a071 Credits Lana Codes Required privilege...