31 matches found
EUVD-2024-40105
Malicious code in bioql PyPI...
CVE-2025-58231
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bitlydeveloper Bitly wp-bitly allows Stored XSS. This issue affects Bitly: from n/a through <= 2.8.0...
CVE-2024-43209
Missing Authorization vulnerability in Bitly allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bitly: from n/a through 2.7.2...
CVE-2024-43209 WordPress Bitly's WordPress Plugin plugin <= 2.7.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Bitly allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bitly: from n/a through 2.7.2...
CVE-2024-43209
CVE-2024-43209 is a Missing Authorization vulnerability in Bitly's WordPress Plugin (wp-bitly) affecting versions up to and including 2.7.2. The flaw allows access to functionality not properly constrained by ACLs. CVSS 3.1 base score 6.5 (Network, Low complexity, None privileges required, Confid...
Bitly's <= 2.7.1 - Contributor+ Stored XSS
Description: The plugin does not validate and escape its wpbitly shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-5577
The Bitly's plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpbitly' shortcode in all versions up to, and including, 2.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
Cross site scripting
The Bitly's plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpbitly' shortcode in all versions up to, and including, 2.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
CVE-2023-5577
CVE-2023-5577 concerns Bitly’s WordPress plugin (wp-bitly). The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s wpbitly shortcode due to insufficient input sanitization and output escaping of user-supplied attributes. It affects all versions up to and including 2.7.1. Exploit...
CVE-2023-5577 Bitly's WordPress Plugin <= 2.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Bitly's plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpbitly' shortcode in all versions up to, and including, 2.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
GHSA-GGRH-GRJ3-VFVW Package discontinued because Bitly lowered the free quota
On November 17, 2022, an email was received from Bitly advising that the new link quota per free token is lowered to 50 per month from its previous value of 1000 per month. As per the email, this change is effective on December 8, 2022. The new quota is so low as to not be useful. For this reason...
Package discontinued because Bitly lowered the free quota
On November 17, 2022, an email was received from Bitly advising that the new link quota per free token is lowered to 50 per month from its previous value of 1000 per month. As per the email, this change is effective on December 8, 2022. The new quota is so low as to not be useful. For this reason...
GHSA-JM34-XM8M-W958 Open Redirect in oauth2_proxy
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
Open Redirect in oauth2_proxy
The Bitly oauth2proxy in version 2.1 and earlier was affected by an open redirect vulnerability during the start and termination of the 2-legged OAuth flow. This issue was caused by improper input validation and a violation of RFC-6819...
Self-XSS - Self-XSS Attack Using Bit.Ly To Grab Cookies Tricking Users Into Running Malicious Code
Self-XSS attack using bit.ly to grab cookies, tricking users into running malicious code. How it works? Self-XSS is a social engineering attack used to gain control of victims' web accounts by tricking users into copying and pasting malicious content into their browsers. Since Web browser vendors a...
Katana - A Python Tool For Google Hacking
Katana-ds (ds for dorkscanner) is a simple Python tool that automates Google Hacking/Dorking and supports Tor. It becomes more powerful in combination with GHDB. Installation: Use the package manager pip to install requirements: cd Katana python3 pip install -r requirments python3 katana-ds.py Tested...
Millions of Accounts From Previous Bitly and Kickstarter Breaches Exposed
By Waqas. It's another day with yet another story of a data This is a post from HackRead.com. Read the original post: Millions of Accounts From Previous Bitly and Kickstarter Breaches Exposed...
CVE-2017-1000069
CSRF in Bitly oauth2proxy 2.1 during authentication flow...