EUVD-2022-53155

Malicious code in bioql PyPI...

WordPress WP Applink Cross-Site Scripting Vulnerability

WordPress WP Applink is a WordPress plugin for generating iTunes affiliate links, which is mainly used for embedding promotional links to iTunes products such as iPhone, iPad, Mac apps and music, movies and so on in posts. WordPress WP Applink suffers from a cross-site scripting vulnerability tha...

CVE-2025-6385

The WP Applink plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 0.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2025-6385

CVE-2025-6385 describes a Stored Cross-Site Scripting (XSS) vulnerability in the WP Applink WordPress plugin. The issue stems from insufficient input sanitization and output escaping in the title parameter, affecting all versions up to 0.4.1. Exploitation requires authenticated access at Contribu...

CVE-2025-6385 WP Applink <= 0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via title Parameter

The WP Applink plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 0.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

CVE-2025-6385 WP Applink <= 0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via title Parameter

The WP Applink plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 0.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

PT-2025-30648 · WordPress · Wp Applink

Name of the Vulnerable Software and Affected Versions: WP Applink plugin for WordPress versions prior to 0.4.2 Description: The WP Applink plugin for WordPress is susceptible to Stored Cross-Site Scripting through the title parameter. Insufficient input sanitization and output escaping allow...

WordPress plugin WP Applink 跨站脚本漏洞

WordPress WP Applink is a WordPress plugin for generating iTunes affiliate links, which is mainly used for embedding promotional links to iTunes products such as iPhone, iPad, Mac apps and music, movies and so on in posts. WordPress WP Applink suffers from a cross-site scripting vulnerability tha...

CVE-2022-31759

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-31759

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-31759

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-31759

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability...

Design/Logic Flaw

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability...

CVE-2022-31759

CVE-2022-31759 concerns AppLink with a vulnerability in which an access to uninitialized pointers can be exploited, potentially impacting system availability. The available sources repeatedly cite this as a vulnerability in AppLink, with impact described as reduced availability. The CVSS details ...

CVE-2022-31759

AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability...

Applink configuration data is exposed anonymously

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-38225. panel If you make an anonymous GET request to /rest/issueLinkAppLink/1/appLink/info , the instance will tell you all the names, IDs an...

Applink configuration data is exposed anonymously

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report|http://jira.atlassian.com/browse/JRASERVER-38225. panel If you make an anonymous GET request to /rest/issueLinkAppLink/1/appLink/info , the instance will tell you all the names, IDs a...