3 matches found
CVE-2019-25147
The Pretty Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via various IP headers as well as the referer header in versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping in the tracklink function. This makes it possible for...
CVE-2019-25147
The CVE-2019-25147 issue concerns the Pretty Links WordPress plugin. Affected product: WordPress plugin Pretty Links, versions up to and including 2.1.9. Root cause: insufficient input sanitization and output escaping in the track_link function, enabling Stored Cross-Site Scripting via various IP...
CVE-2019-25147 Pretty Links <= 2.1.9 - Unauthenticated Stored Cross-Site Scripting via track_link
The Pretty Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via various IP headers as well as the referer header in versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping in the tracklink function. This makes it possible for...