VYPR

Internal Link Shortcode

by WordPress

Source repositories

CVEs (1)

  • CVE-2024-12404HigJan 11, 2025
    risk 0.49cvss 7.5epss 0.01

    The CF Internal Link Shortcode plugin for WordPress is vulnerable to SQL Injection via the 'post_title' parameter in all versions up to, and including, 1.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.…