Evanliewer

evanliewer

4 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Illi Link Party!

illi_link_party!

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-7231 1Evanliewer 1Illi Link Party! Jun 6, 2025 May 15, 2025 N/A· v4 7.3 HIGH· v3 N/A· v2 The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links.
CVE-2023-7230 1Evanliewer 1Illi Link Party! May 27, 2025 May 15, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as admin to perform Cross-Site Scripting attacks.
CVE-2023-7229 1Evanliewer 1Illi Link Party! May 27, 2025 May 15, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
CVE-2023-7228 1Evanliewer 1Illi Link Party! May 28, 2025 May 15, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The illi Link Party! WordPress plugin through 1.0 does not sanitise and escape some parameters, which could allow unauthenticated vistors to perform Cross-Site Scripting attacks.