WordPress Internal Link Builder plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin's Settings vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via Plugin's Settings vulnerability discovered by 0x34rth in WordPress Plugin Internal Link Builder versions = 1.0...

WordPress Internal Link Builder plugin cross-site scripting vulnerability

WordPress Internal Link Builder plugin is a tool used to help webmasters create internal links on WordPress sites. WordPress Internal Link Builder plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

CVE-2025-14725

The Internal Link Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

CVE-2025-14725

The Internal Link Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

CVE-2025-14725 Internal Link Builder <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin's Settings

The Internal Link Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

CVE-2025-14725

The CVE-2025-14725 entry concerns the WordPress plugin Internal Link Builder (

WordPress plugin Internal Link Builder 跨站脚本漏洞

WordPress Internal Link Builder plugin is a tool used to help webmasters create internal links on WordPress sites. WordPress Internal Link Builder plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

PT-2026-2817

The Internal Link Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

EUVD-2025-3585

Malicious code in bioql PyPI...

CVE-2025-23989

Cross-Site Request Forgery CSRF vulnerability in Alessandro Piconi Internal Link Builder internal-link-builder allows Cross Site Request Forgery.This issue affects Internal Link Builder: from n/a through = 1.0...

CVE-2025-23989

Cross-Site Request Forgery CSRF vulnerability in Alessandro Piconi Internal Link Builder internal-link-builder allows Cross Site Request Forgery.This issue affects Internal Link Builder: from n/a through = 1.0...

CVE-2025-23989 WordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Alessandro Piconi Internal Link Builder internal-link-builder allows Cross Site Request Forgery.This issue affects Internal Link Builder: from n/a through = 1.0...

CVE-2025-23989

CVE-2025-23989 describes a CSRF vulnerability in the WordPress plugin Internal Link Builder , affecting versions listed as “n/a through 1.0.” The connected sources indicate the issue is a Cross-Site Request Forgery that can lead to a Stored Cross-Site Scripting (XSS) condition. The CVE entry does...

PT-2025-5248 · Sablab · Sablab Internal Link Builder

Name of the Vulnerable Software and Affected Versions: Alessandro Piconi - SabLab Internal Link Builder versions n/a through 1.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. This means an attacker can trick a user...

WordPress plugin Internal Link Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Internal Link Builder versions = 1.0...