← Back

Prettylinks

prettylinks

Vendor: Caseproof • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-2326
1Caseproof
1Prettylinks
Apr 8, 2026
Mar 23, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.3. This is due to missing or...Show more
The Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.3. This is due to missing or incorrect nonce validation when saving plugin settings. This makes it possible for unauthenticated attackers to change the plugin's configuration including stripe integration via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.Show less
CVE-2011-4595
1Caseproof
1Prettylinks
Feb 13, 2025
Jan 10, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Pretty-Link WordPress plugin 1.5.2 has XSS
CVE-2015-9457
1Caseproof
1Prettylinks
Feb 13, 2025
Oct 10, 2019
N/A· v4
7.2 HIGH· v3
6.5 MEDIUM· v2
The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection via the group parameter.
CVE-2013-1636
3Caseproof
CivicrmJoobi
3Civicrm
Com JnewsPrettylinks
May 6, 2026
Mar 12, 2014
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla...Show more
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter.Show less