Vulnerabilities (CVE)

Filtered by vendor Permalink Manager Lite Project Subscribe

Filtered by product Permalink Manager Lite

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-0201	2 Permalink Manager Lite Project, Permalink Manager Project	2 Permalink Manager Lite, Permalink Manager	2022-02-19	4.3 MEDIUM	6.1 MEDIUM
The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue
CVE-2021-24769	1 Permalink Manager Lite Project	1 Permalink Manager Lite	2021-10-27	6.5 MEDIUM	7.2 HIGH
The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL statement in the Permalink Manager page, leading to a SQL Injection