Description
WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking is prone to multiple cross-site scripting and SQL injection vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking version 1.5.2 is vulnerable; other versions may also be affected.
Remediation
Update to the latest version
References
Related Vulnerabilities
Oracle Application Server CVE-2006-0275 Vulnerability (CVE-2006-0275)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2017-3169)
Squid CVE-2019-12523 Vulnerability (CVE-2019-12523)
WordPress Plugin Featured Video Plus Unspecified Vulnerability (2.2.3)
WordPress Plugin Classified Listing Pro & Directory Cross-Site Scripting (2.0.19)