Description
WordPress Plugin Link Library is prone to an SQL injection and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Link Library version 5.0.8 is vulnerable; other versions may also be affected.
Remediation
Update to plugin version 5.0.9 or latest
References
Related Vulnerabilities
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5106)
WordPress Plugin Simple Image Sizes Unspecified Vulnerability (2.2.4)
WordPress Plugin Flipbox-Awesomes Flip Boxes Image Overlay Security Bypass (2.6.0)
WordPress Plugin Store Locator Plus for WordPress Cross-Site Scripting (5.5.15)
WordPress Plugin MapPress Maps for WordPress Security Bypass (2.54.5)