Lucene search

K
QuantumcloudSimple Link Directory*

5 matches found

CVE
CVE
added 2020/03/20 9:15 p.m.144 views

CVE-2019-13463

An XSS vulnerability in qcopd-shortcode-generator.php in the Simple Link Directory plugin before 7.3.5 for WordPress allows remote attackers to inject arbitrary web script or HTML, because esc_html is not called for the "echo get_the_title()" or "echo $term->name" statement.

6.1CVSS6AI score0.0029EPSS
CVE
CVE
added 2022/03/21 7:15 p.m.108 views

CVE-2022-0760

The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the post_id parameter before using it in a SQL statement via the qcopd_upvote_action AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL Injection

9.8CVSS9.8AI score0.77442EPSS
CVE
CVE
added 2024/12/13 9:15 a.m.46 views

CVE-2024-12417

The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.4.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible ...

6.5CVSS6.8AI score0.00444EPSS
CVE
CVE
added 2025/07/04 12:15 p.m.9 views

CVE-2025-32297

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in quantumcloud Simple Link Directory allows SQL Injection. This issue affects Simple Link Directory: from n/a through 14.7.3.

8.5CVSS7.7AI score0.00038EPSS
CVE
CVE
added 2 hours ago2 views

CVE-2025-48297

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in quantumcloud Simple Link Directory allows Reflected XSS. This issue affects Simple Link Directory: from n/a through n/a.

7.1CVSS7AI score