Caseproof Prettylinks vulnerabilities
3 known vulnerabilities affecting caseproof/prettylinks.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2013-1636P4MEDIUMCVSS 4.3PoC≤ 1.6.2v1.6.0+1 more2014-03-12
CVE-2013-1636 [MEDIUM] CWE-79 CVE-2013-1636: Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get
nvd
CVE-2015-9457P3HIGHCVSS 7.2fixed in 1.6.82019-10-10
CVE-2015-9457 [HIGH] CWE-89 CVE-2015-9457: The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection
The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection via the group parameter.
nvd
CVE-2024-2326P4MEDIUMCVSS 4.3≤ 3.6.32024-03-23
CVE-2024-2326 [MEDIUM] CWE-352 CVE-2024-2326: The Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin plugin for WordP
The Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.3. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to change the plugin's c
nvd