26 matches found
EUVD-2023-59411
Malicious code in bioql PyPI...
CVE-2023-7230
The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks...
CVE-2023-7229
The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2023-7231
The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links...
CVE-2023-7230
The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks...
CVE-2023-7228
The illi Link Party! WordPress plugin through 1.0 does not sanitise and escape some parameters, which could allow unauthenticated vistors to perform Cross-Site Scripting attacks...
CVE-2023-7231
The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links...
CVE-2023-7230 illi Link Party! <= 1.0 - Admin+ Stored Cross-Site Scripting
The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks...
CVE-2023-7231 illi Link Party! <= 1.0 - Unauthenticated Arbitrary Link Deletion
The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links...
CVE-2023-7230 illi Link Party! <= 1.0 - Admin+ Stored Cross-Site Scripting
The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks...
CVE-2023-7228 illi Link Party! <= 1.0 - Unauthenticated Stored XSS
The illi Link Party! WordPress plugin through 1.0 does not sanitise and escape some parameters, which could allow unauthenticated vistors to perform Cross-Site Scripting attacks...
CVE-2023-7229 illi Link Party! <= 1.0 - Settings Update via CSRF
The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2023-7229 illi Link Party! <= 1.0 - Settings Update via CSRF
The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2023-7228 illi Link Party! <= 1.0 - Unauthenticated Stored XSS
The illi Link Party! WordPress plugin through 1.0 does not sanitise and escape some parameters, which could allow unauthenticated vistors to perform Cross-Site Scripting attacks...
PT-2025-21386 · WordPress · The Illi Link Party!
Name of the Vulnerable Software and Affected Versions: The illi Link Party! WordPress plugin versions 1.0 and earlier Description: The issue is related to a lack of proper access controls in the plugin, allowing unauthenticated visitors to delete links. Recommendations: For The illi Link Party!...
WordPress plugin illi Link Party! 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin illi Link Party 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin illi Link Party 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin illi Link Party 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-21384 · WordPress · Illi Link Party!
Name of the Vulnerable Software and Affected Versions: The illi Link Party! WordPress plugin version 1.0 Description: The issue is related to the lack of a CSRF check when updating settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. Recommendations: For...