Permalink Manager Lite Project Permalink Manager Lite — known CVE vulnerabilities
Every CVE whose affected-product data names Permalink Manager Lite Project Permalink Manager Lite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2022-4021 — CVSS 8.8 (high): The Permalink Manager Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.2.20.1…
CVE-2021-24769 — CVSS 7.2 (high): The Permalink Manager Lite WordPress plugin before 2.2.13.1 does not validate and escape the orderby parameter before using it in a SQL…
CVE-2024-37257 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Maciej Bis Permalink Manager…
CVE-2024-29092 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maciej Bis Permalink Manager Lite…
CVE-2022-4410 — CVSS 6.4 (medium): The Permalink Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including 2.2.20.3 due…
CVE-2022-0201 — CVSS 6.1 (medium): The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and…
CVE-2024-2738 — CVSS 6.1 (medium): The Permalink Manager Lite and Pro plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the ‘s’ parameter in…
CVE-2024-2538 — CVSS 5.4 (medium): The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the…
CVE-2024-8195 — CVSS 5.3 (medium): The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…
CVE-2024-2543 — CVSS 4.3 (medium): The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the…