VYPR

Illi Link Party

by WordPress

CVEs (4)

  • CVE-2023-7231May 15, 2025
    WordPress
    Illi Link Party
    risk 0.00cvss epss 0.00

    The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links.

  • CVE-2023-7230May 15, 2025
    WordPress
    Illi Link Party
    risk 0.00cvss epss 0.00

    The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks.

  • CVE-2023-7229May 15, 2025
    WordPress
    Illi Link Party
    risk 0.00cvss epss 0.00

    The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.

  • CVE-2023-7228May 15, 2025
    WordPress
    Illi Link Party
    risk 0.00cvss epss 0.00

    The illi Link Party! WordPress plugin through 1.0 does not sanitise and escape some parameters, which could allow unauthenticated vistors to perform Cross-Site Scripting attacks.