Vendor
Prettylinks
Products
2
CVEs
2
Across products
2
Status
Private
Products
2- 1 CVE
- 1 CVE
Recent CVEs
2| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-25147 | Hig | 0.47 | 7.2 | 0.01 | Jun 7, 2023 | The Pretty Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via various IP headers as well as the referer header in versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping in the track_link function. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |
| CVE-2011-4595 | 0.03 | — | 0.01 | Jan 10, 2020 | Pretty-Link WordPress plugin 1.5.2 has XSS |
- risk 0.47cvss 7.2epss 0.01
The Pretty Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via various IP headers as well as the referer header in versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping in the track_link function. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
- CVE-2011-4595Jan 10, 2020risk 0.03cvss —epss 0.01
Pretty-Link WordPress plugin 1.5.2 has XSS