Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
caseproof vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2015-9457
The pretty-link plugin prior to 1.6.8 for WordPress has PrliLinksController::list_links SQL injection via the group parameter.
Caseproof Pretty Link
6.1
CVSSv3
CVE-2011-4595
Pretty-Link WordPress plugin 1.5.2 has XSS
Caseproof Pretty Link 1.5.2
1 EDB exploit
4.3
CVSSv3
CVE-2022-0634
The ThirstyAffiliates WordPress plugin prior to 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. Further the plugin lacks csrf chec...
Caseproof Thirstyaffiliates Affiliate Link Manager
5.4
CVSSv3
CVE-2021-24127
Unvalidated input and lack of output encoding in the ThirstyAffiliates Affiliate Link Manager WordPress plugin, versions prior to 3.9.3, was vulnerable to authenticated Stored Cross-Site Scripting (XSS), which could lead to privilege escalation.
Caseproof Thirstyaffiliates Affiliate Link Manager
5.4
CVSSv3
CVE-2022-0398
The ThirstyAffiliates Affiliate Link Manager WordPress plugin prior to 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as subscriber to create arbitrary affiliate links, which could then be used to r...
Caseproof Thirstyaffiliates Affiliate Link Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started