Lucene search
K
GetlassoSimple Urls

5 matches found

CVE
CVE
added 2023/02/13 2:32 p.m.131 views

CVE-2023-0099

CVE-2023-0099 impacts the Simple URLs WordPress plugin prior to 115, which does not sufficiently sanitise/escape certain parameters before echoing them, enabling Reflected Cross-Site Scripting. The vulnerability can affect high-privilege users (e.g., admins) by crafting malicious links; CVSS v3.1...

6.1CVSS5.8AI score0.01726EPSS
CVE
CVE
added 2023/02/13 2:32 p.m.59 views

CVE-2023-0098

CVE-2023-0098 – Simple URLs WordPress plugin : A SQL injection exists in versions prior to 115 due to unescaped input in AJAX actions accessible to any authenticated user (e.g., subscribers). This can allow low-privilege users to influence SQL statements. The issue is mitigated by upgrading to ve...

8.8CVSS8.9AI score0.00943EPSS
CVE
CVE
added 2023/10/16 8:29 a.m.49 views

CVE-2023-45606

CVE-2023-45606 is a CSRF vulnerability in the WordPress plugin Simple URLs (Link Cloaking, etc.) for versions up to 120. The issue enables Cross-Site Request Forgery without authentication, potentially allowing attackers to trigger unwanted actions on behalf of logged-in users. Public details fro...

8.8CVSS6.4AI score0.00214EPSS
CVE
CVE
added 2023/11/30 12:24 p.m.37 views

CVE-2023-40674

CVE-2023-40674 affects the WordPress Simple URLs plugin (versions

6.5CVSS6.3AI score0.00385EPSS
CVE
CVE
added 2023/09/27 6:40 a.m.29 views

CVE-2023-40667

CVE-2023-40667: Unauthenticated Reflected Cross-Site Scripting in WordPress Simple URLs plugin affecting versions

7.1CVSS6AI score0.00343EPSS