Permalink_manager_lite_project Permalink_manager_lite
11 CVEs affecting Permalink_manager_lite_project Permalink_manager_lite. Latest disclosed: 2024-08-28. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-4021 | High | 8.8 | 2022-11-16 | The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1. This is due to missing… |
CVE-2021-24769 | High | 7.2 | 2021-10-25 | The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permal… |
CVE-2024-37257 | High | 7.1 | 2024-07-22 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Maciej Bis Permalink Manager Lite allows Reflected… |
CVE-2024-29092 | High | 7.1 | 2024-03-19 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maciej Bis Permalink Manager Lite allows Reflected XSS.Th… |
CVE-2022-41781 | Medium | 6.5 | 2022-11-18 | Broken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress. |
CVE-2022-4410 | Medium | 6.4 | 2022-12-14 | The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due to improper output e… |
CVE-2024-2738 | Medium | 6.1 | 2024-04-09 | The Permalink Manager Lite and Pro plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the ‘s’ parameter in multiple instances in all ve… |
CVE-2022-0201 | Medium | 6.1 | 2022-02-14 | The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters… |
CVE-2024-2538 | Medium | 5.4 | 2024-03-20 | The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_permalin… |
CVE-2024-8195 | Medium | 5.3 | 2024-08-28 | The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'debug_data', 'debug_quer… |
CVE-2024-2543 | Medium | 4.3 | 2024-04-09 | The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_uri_editor' function… |