Ylefebvre Link_library

14 CVEs affecting Ylefebvre Link_library. Latest disclosed: 2025-04-22. Critical: 0, High: 5.

Top CVEs affecting Ylefebvre Link_library
CVESeverityScorePublishedSummary
CVE-2021-25093High7.52022-02-01The Link Library WordPress plugin before 7.2.8 does not have authorisation in place when deleting links, allowing unauthenticated users to delete arbitrary lin…
CVE-2024-38711High7.12024-07-20Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS…
CVE-2024-35687High7.12024-06-08Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library link-library allows…
CVE-2024-29123High7.12024-03-19Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This i…
CVE-2024-24879High7.12024-02-08Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This i…
CVE-2025-46237Medium6.52025-04-22Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library link-library allows Stored…
CVE-2024-1559Medium6.52024-02-20The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'll_reciprocal' parameter in all versions up to, and including, 7.6…
CVE-2021-25092Medium6.52022-02-01The Link Library WordPress plugin before 7.2.8 does not have CSRF check when resetting library settings, allowing attackers to make a logged in admin reset arb…
CVE-2024-4281Medium6.42024-05-08The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'link-library' shortcode in all versions up to, and includi…
CVE-2024-13404Medium6.12025-01-21The Link Library plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchll' parameter in all versions up to, and including, 7.7.2…
CVE-2024-2325Medium6.12024-04-09The Link Library plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchll parameter in all versions up to, and including, 7.6.6 du…
CVE-2021-25091Medium6.12022-02-01The Link Library WordPress plugin before 7.2.9 does not sanitise and escape the settingscopy parameter before outputting it back in an admin page, leading to a…
CVE-2022-4199Medium4.82023-01-16The Link Library WordPress plugin before 7.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perfo…
CVE-2024-24875Medium4.32024-02-12Cross-Site Request Forgery (CSRF) vulnerability in Yannick Lefebvre Link Library.This issue affects Link Library: from n/a through 7.5.13.