Madfishdigital Security Vulnerabilities

CVE-2023-45065

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit plugin <= 1.42 versions.

CVE-2024-8803

The Bulk NoIndex & NoFollow Toolkit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.15. This makes it possible for unauthenticated attackers to inject arbitrary we...