Mbis Permalink Manager Lite
7 CVEs affecting Mbis Permalink Manager Lite. Latest disclosed: 2026-06-17. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-4021 | High | 8.8 | 2022-11-16 | The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing… |
CVE-2026-8494 | Medium | 6.4 | 2026-06-17 | The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in the admin URI Editor interface in all versions… |
CVE-2022-4410 | Medium | 6.4 | 2022-12-14 | The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output e… |
CVE-2024-2738 | Medium | 6.1 | 2024-04-09 | The Permalink Manager Lite and Pro plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the ‘s’ parameter in multiple instances in all ve… |
CVE-2024-2538 | Medium | 5.4 | 2024-03-20 | The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_permalin… |
CVE-2024-8195 | Medium | 5.3 | 2024-08-28 | The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'debug_data', 'debug_quer… |
CVE-2024-2543 | Medium | 4.3 | 2024-04-09 | The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_uri_editor' function… |