Kaizencoders Url Shortify — known CVE vulnerabilities
Every CVE whose affected-product data names Kaizencoders Url Shortify, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-4294 — CVSS 6.1 (medium): The URL Shortify WordPress plugin before 1.7.6 does not properly escape the value of the referer header, thus allowing an unauthenticated…
CVE-2023-3129 — CVSS 4.8 (medium): The URL Shortify WordPress plugin before 1.7.0 does not sanitise and escape some of its settings, which could allow high privilege users…
CVE-2023-5605 — CVSS 4.8 (medium): The URL Shortify WordPress plugin before 1.7.9.1 does not sanitise and escape some of its settings, which could allow high privilege users…
CVE-2021-24749 — CVSS 4.3 (medium): The URL Shortify WordPress plugin before 1.5.1 does not have CSRF check in place when bulk-deleting links or groups, which could allow…