CVE-2026-2288 myLinksDump <= 1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'link_title' Parameter

The myLinksDump plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'linktitle' parameter in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access...

CVE-2026-2279

The CVE concerns the WordPress plugin myLinksDump (WordPress plugin; vulnerable component: SQL construction in myLinksDump.php). Affected versions: all versions up to and including 1.6. Root cause: insufficient escaping of user-supplied parameters and lack of proper preparation of the existing SQ...

EUVD-2010-2928

Malware in sbrugna...

CVE-2010-2924

SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information...

Sql injection

SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information...

CVE-2010-2924

SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows remote attackers to execute arbitrary SQL commands via the url parameter. NOTE: some of these details are obtained from third party information...

CVE-2010-2924

The WordPress plugin myLinksDump (myLDlinker.php) in the myLDlinker Plugin 1.2 is vulnerable to SQL injection via the url parameter, allowing remote attackers to execute arbitrary SQL commands. This affects the myLinksDump component used with WordPress. Impact: potential data compromise and modif...