getlasso simple_urls の CVE(5 件)

CVE 件数: 5 CPE versions: View versions table

概要

本ページは getlasso simple_urls に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 15 / 5 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2023-40674 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lasso Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management allows Stored XSS.This issue affects Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management: from n/a through 118. [email protected] 6.5 0.39% 2023-11-30 2026-06-17
CVE-2023-45606 Cross-Site Request Forgery (CSRF) vulnerability in Lasso Simple URLs plugin <= 120 versions. [email protected] 4.3 0.21% 2023-10-16 2026-06-17
CVE-2023-40667 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lasso Simple URLs plugin <= 117 versions. [email protected] 7.1 0.34% 2023-09-27 2026-06-17
CVE-2023-0099 The Simple URLs WordPress plugin before 115 does not sanitise and escape some parameters before outputting them back in some pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. [email protected] 6.1 1.73% 2023-02-13 2026-06-17
CVE-2023-0098 The Simple URLs WordPress plugin before 115 does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber. [email protected] 8.8 0.94% 2023-02-13 2026-06-17
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence