The Short URL plugin for WordPress has a security vulnerability that allows attackers with administrator-level permissions to inject malicious web scripts in pages. This malicious code can be executed whenever a user visits an affected page. This vulnerability affects versions 1.6.4 and earlier of the plugin, and is caused by insufficient input sanitization and output escaping.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
