Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical1

High0

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2024-12-13

CVE-2024-12417 - The Simple Link Directory Plugin

The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.4.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

PLUGIN The Simple Link Directory

CVE-2024-12417

MEDIUM CVSS 6.5 2024-12-13

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-0760 - Simple Link Directory Plugin

The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the post_id parameter before using it in a SQL statement via the qcopd_upvote_action AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL Injection

PLUGIN Simple Link Directory

CVE-2022-0760

CRITICAL CVSS 9.8 2022-03-21

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-12417 - The Simple Link Directory Plugin

CVE-2022-0760 - Simple Link Directory Plugin

Company Links

Contact Us