← Back

Linksoftwarellc

linksoftwarellc

7 CVEs • 3 products

Products (3)

Click to collapse
Toggle
Html Forms
html_forms
5 CVEs
Wp Terms Popup
wp_terms_popup
1 CVE
White Label
white_label
1 CVE

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-46236
1Linksoftwarellc
1Html Forms
Jun 17, 2026
Apr 22, 2025
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms html-forms allows Stored XSS.This issue affects HTML Forms: from n/a through <= 1.5.2.
CVE-2024-6412
1Linksoftwarellc
1Html Forms
Jun 17, 2026
Jul 31, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
CVE-2024-6243
1Linksoftwarellc
1Html Forms
Jun 17, 2026
Jul 22, 2024
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The HTML Forms WordPress plugin before 1.3.33 does not sanitize and escape the form message inputs, allowing high-privilege users, such as administrators, to perform Stored Cross-Site Scripting (XSS) attacks even when t...Show more
The HTML Forms WordPress plugin before 1.3.33 does not sanitize and escape the form message inputs, allowing high-privilege users, such as administrators, to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disabled.Show less
CVE-2023-52128
1Linksoftwarellc
1White Label
Jun 17, 2026
Jan 5, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in WhiteWP White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard.This issue affects White Label – WordPress Custom Admin, Custom Login Page, and Cus...Show more
Cross-Site Request Forgery (CSRF) vulnerability in WhiteWP White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard.This issue affects White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard: from n/a through 2.9.0.Show less
CVE-2023-50836
1Linksoftwarellc
1Html Forms
Jun 17, 2026
Dec 28, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibericode HTML Forms allows Stored XSS.This issue affects HTML Forms: from n/a through 1.3.28.
CVE-2023-24006
1Linksoftwarellc
1Wp Terms Popup
Jun 17, 2026
Apr 6, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Link Software LLC WP Terms Popup plugin <= 2.6.0 versions.
CVE-2022-3689
1Linksoftwarellc
1Html Forms
Jun 17, 2026
Nov 28, 2022
N/A· v4
7.2 HIGH· v3
N/A· v2
The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users