Link Library <= 5.9.12.29 – Authenticated Reflected Cross-Site Scripting (XSS)

Affects Plugins

link-library

Fixed in 5.9.12.30

References

URL

https://seclists.org/fulldisclosure/2016/Aug/73

URL

https://sumofpwn.nl/advisory/2016/cross_site_scripting_in_link_library_wordpress_plugin.html

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

Miscellaneous

Submitter

ethicalhack3r

Submitter twitter

ethicalhack3r

Verified

No

WPVDB ID

40386b83-a47e-40e0-82e0-f7d299187d56

Timeline

Publicly Published

2016-08-15 (about 9 years ago)

Added

2016-08-16 (about 9 years ago)

Last Updated

2019-11-01 (about 6 years ago)

Other

Published

Title

Published

2025-01-30

Title

Ai Image Alt Text Generator for WP < 1.0.7 - Reflected Cross-Site Scripting

Published

2023-03-21

Title

Open Graphite < 1.6.1 - Reflected Cross-Site Scripting

Published

2025-03-12

Title

MicroPayments < 3.2.5 - Reflected Cross-Site Scripting

Published

2017-03-06

Title

WordPress 4.7-4.7.2 - Cross-Site Scripting (XSS) via Taxonomy Term Names

Published

2021-09-20

Title

YITH WooCommerce Product Add-Ons < 2.1.0 - Reflected Cross-Site Scripting