10 matches found
CVE-2025-10738
CVE-2025-10738 concerns the WordPress URL Shortener Plugin for WordPress. The initial description notes an Unauthenticated SQL Injection via the parameter ‘analytic_id’ in all versions up to and including 3.0.7, due to insufficient escaping and preparation of the SQL query. Connected documents (W...
CVE-2025-28959 WordPress URL Shortener <= 3.0.7 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Md Yeasin Ul Haider URL Shortener exact-links allows SQL Injection.This issue affects URL Shortener: from n/a through = 3.0.7...
CVE-2025-28961 WordPress URL Shortener <= 3.0.7 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in Md Yeasin Ul Haider URL Shortener exact-links allows Object Injection.This issue affects URL Shortener: from n/a through = 3.0.7...
CVE-2025-28959
CVE-2025-28959 affects the WordPress plugin URL Shortener (versions up to 3.0.7). The issue is an SQL Injection caused by improper neutralization of special SQL elements in the URL Shortener’s queries. CVSS 3.1 base metrics indicate high impact on confidentiality and a critical overall score (9.3...
CVE-2025-28961
CVE-2025-28961 corresponds to a deserialization of untrusted data vulnerability in the WordPress URL Shortener plugin (Md Yeasin Ul Haider) 3.0.7 when available, as stated in the sources. The vulnerability is not described as rejected or reserved in the provided materials.
CVE-2025-28965 WordPress URL Shortener <= 3.0.7 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Md Yeasin Ul Haider URL Shortener exact-links allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects URL Shortener: from n/a through = 3.0.7...
WordPress URL Shortener <= 3.0.7 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by ch4r0n in WordPress Plugin URL Shortener versions = 3.0.7...
WordPress plugin URL Shortener 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...
WordPress URL Shortener by MyThemeShop Plugin <= 1.0.17 is vulnerable to Cross Site Scripting (XSS)
Software URL Shortener by MyThemeShop Type Plugin Vulnerable versions = 1.0.17 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5802 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 171657501903 Credits Sandeep...
WordPress URL Shortener by MyThemeShop Plugin <= 1.0.17 is vulnerable to Broken Access Control
Software URL Shortener by MyThemeShop Type Plugin Vulnerable versions = 1.0.17 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23896 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID e643a0198210 Credits István Márt...