permalink manager project permalink manager vulnerabilities and exploits

(subscribe to this query)

The Permalink Manager Lite WordPress plugin prior to 2.2.15 and Permalink Manager Pro WordPress plugin prior to 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue

Permalink Manager Lite Project Permalink Manager Lite Permalink Manager Project Permalink Manager

Broken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress.

Permalink Manager Lite Project Permalink Manager Lite

The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing or incorrect nonce validation on the extra_actions function. This makes it possible for unauthenticated malicious users t...

Permalink Manager Lite Project Permalink Manager Lite

The Permalink Manager Lite WordPress plugin prior to 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection

Permalink Manager Lite Project Permalink Manager Lite

The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output escaping on post/page/media titles. This makes it possible for malicious users to inject arbitrary web scripts on the perm...

Permalink Manager Lite Project Permalink Manager Lite

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook