Aggregates CVE and security vulnerability intelligence across all evanliewer-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk cross-site scripting and vendor risk csrf, with potential vendor impact session compromise across vendor surface production workloads and vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-7231 | The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links. | [email protected] | 7.3 | 0.30% | 2025-05-15 | 2025-06-06 |
| CVE-2023-7230 | The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks. | [email protected] | 6.1 | 0.29% | 2025-05-15 | 2025-05-27 |
| CVE-2023-7229 | The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. | [email protected] | 5.5 | 0.05% | 2025-05-15 | 2025-05-27 |
| CVE-2023-7228 | The illi Link Party! WordPress plugin through 1.0 does not sanitise and escape some parameters, which could allow unauthenticated vistors to perform Cross-Site Scripting attacks. | [email protected] | 6.1 | 0.41% | 2025-05-15 | 2025-05-28 |