ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Shortlinks by Pretty Links plugin <= 2.1.9 - Stored Cross-Site Scripting (XSS) vulnerability

Product
Shortlinks by Pretty Links
Description
Stored Cross-Site Scripting (XSS) vulnerability found by Jerome Bruandet in WordPress Shortlinks by Pretty Links plugin (versions <= 2.1.9).
Solution
Update the WordPress Shortlinks by Pretty Links plugin to the latest available version (at least 2.1.10).
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.1.9
Fixed In 2.1.10
Disclosure date
2019-06-25
Credits
Jerome Bruandet
Submitter
ThreatPress