Short Url@* Security Vulnerabilities and Issues — Short Url@* CVE List

Lucene search

KaizencodersShort Url*

3 matches found

CVE•added 2025/06/06 6:15 a.m.•67 views

CVE-2023-2921

The Short URL WordPress plugin through 1.6.8 does not properly sanitise and escape a parameter before using it in SQL statement, leading to a SQL injection exploitable by users with relatively low privilege on the site, like subscribers.

8.8CVSS7.6AI score0.00045EPSS

CVE•added 2023/07/31 10:15 a.m.•48 views

CVE-2023-3130

The Short URL WordPress plugin before 1.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

4.8CVSS4.9AI score0.00113EPSS

CVE•added 2023/11/06 8:15 a.m.•31 views

CVE-2022-46860

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in KaizenCoders Short URL allows SQL Injection.This issue affects Short URL: from n/a through 1.6.4.

9.8CVSS9.9AI score0.0021EPSS