Lucene search
+L

15 matches found

CNNVD
CNNVD
added 2025/10/11 12:0 a.m.4 views

WordPress plugin WP Links Page SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin WP...

6.5CVSS7.7AI score0.00359EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-51750

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00288EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-26849

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:44 a.m.7 views

CVE-2023-22720

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Robert Macchi WP Links Page plugin = 4.9.3 versions...

6.5CVSS5.6AI score0.0037EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:58 a.m.5 views

CVE-2023-47651

Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...

8.8CVSS8AI score0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/13 11:19 a.m.10 views

CVE-2024-6465 WP Links Page <= 4.9.5 - Missing Authorization to Authenticated (Subscriber+) Limited Image Update

The WP Links Page plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wplfajaxupdatescreenshots' function in all versions up to, and including, 4.9.5. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS6.5AI score0.00385EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/13 12:0 a.m.6 views

PT-2024-37648 · WordPress · Wp Links Page

Name of the Vulnerable Software and Affected Versions: WP Links Page plugin for WordPress versions up to, and including, 4.9.5 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify data due to a missing capability check on the wplf ajax update...

4.3CVSS6.6AI score0.00385EPSS
Exploits0References6
OSV
OSV
added 2023/11/18 10:15 p.m.4 views

CVE-2023-47651

Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...

8.8CVSS7.3AI score0.00288EPSS
Exploits0References1
NVD
NVD
added 2023/11/18 10:15 p.m.24 views

CVE-2023-47651

Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...

8.8CVSS0.00288EPSS
Exploits0References1
Prion
Prion
added 2023/11/18 10:15 p.m.21 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...

6.8CVSS7.2AI score0.00288EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/18 9:17 p.m.24 views

CVE-2023-47651 WordPress WP Links Page Plugin <= 4.9.4 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Robert Macchi WP Links Page.This issue affects WP Links Page: from n/a through 4.9.4...

4.3CVSS8.9AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2023/11/18 9:17 p.m.88 views

CVE-2023-47651

CVE-2023-47651 affects the WordPress WP Links Page plugin (versions up to 4.9.4). The vulnerability is a Cross-Site Request Forgery (CSRF) in the wplf_ajax_update_screenshots action that could be exploited by an unauthenticated attacker to forge requests. The issue is fixed in version 4.9.5. The ...

8.8CVSS8AI score0.00288EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/11 2:31 p.m.27 views

CVE-2023-22720 WordPress WP Links Page Plugin <= 4.9.3 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Robert Macchi WP Links Page plugin = 4.9.3 versions...

6.5CVSS6AI score0.0037EPSS
Exploits0References1
CVE
CVE
added 2023/05/11 2:31 p.m.47 views

CVE-2023-22720

CVE-2023-22720 affects the WordPress plugin WP Links Page by Robert Macchi. Versions ≤ 4.9.3 are vulnerable to a Stored XSS due to inadequate input handling. The vulnerability impact is described in the CVE as cross-site scripting, with a PatchSTACK entry noting the fix in version 4.9.4 . No expl...

6.5CVSS5.5AI score0.0037EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/04/19 12:0 a.m.13 views

WordPress WP Links Page Plugin <= 4.9.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Links Page Type Plugin Vulnerable versions = 4.9.3 Fixed in 4.9.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-22720 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5a20af666246 Credits István Márton Required...

6.5CVSS6AI score0.0037EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder