Evanliewer Illi Link Party! — known CVE vulnerabilities
Every CVE whose affected-product data names Evanliewer Illi Link Party!, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-7231 — CVSS 7.3 (high): The illi Link Party! WordPress plugin through 1.0 lacks proper access controls, allowing unauthenticated visitors to delete links.
CVE-2023-7228 — CVSS 6.1 (medium): The illi Link Party! WordPress plugin through 1.0 does not sanitise and escape some parameters, which could allow unauthenticated vistors…
CVE-2023-7230 — CVSS 6.1 (medium): The illi Link Party! WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low…
CVE-2023-7229 — CVSS 5.5 (medium): The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers…