Aggregates CVE and security vulnerability intelligence across all leenk-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Disclosed issues often relate to vendor risk cross-site scripting and vendor risk csrf; exposure may include vendor impact session compromise in vendor surface software deployment and vendor surface production workloads contexts.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-49661 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lew Ayotte leenk.me leenkme allows Reflected XSS.This issue affects leenk.me: from n/a through <= 2.16.0. | [email protected] | 7.1 | 0.32% | 2024-10-29 | 2026-04-23 |
| CVE-2016-10989 | The leenkme plugin before 2.6.0 for WordPress has wp-admin/admin.php?page=leenkme_facebook CSRF. | [email protected] | 8.8 | 0.24% | 2019-09-17 | 2024-11-21 |
| CVE-2016-10988 | The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebook_message, facebook_linkname, facebook_caption, facebook_description, default_image, or _wp_http_referer. | [email protected] | 6.1 | 0.24% | 2019-09-17 | 2024-11-21 |