VYPR

Link Party!

by WordPress

CVEs (4)

  • CVE-2023-7231HigMay 15, 2025
    risk 0.47cvss 7.3epss 0.00

    The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links.

  • CVE-2023-7230MedMay 15, 2025
    risk 0.40cvss 6.1epss 0.00

    The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks.

  • CVE-2023-7228MedMay 15, 2025
    risk 0.40cvss 6.1epss 0.00

    The illi Link Party! WordPress plugin through 1.0 does not sanitise and escape some parameters, which could allow unauthenticated vistors to perform Cross-Site Scripting attacks.

  • CVE-2023-7229MedMay 15, 2025
    risk 0.36cvss 5.5epss 0.00

    The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.