Approved changes feed: RSS · Atom

cpe:2.3:a:avirtum:imagelinks:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorAvirtum (f23e48c0-d7ac-5180-8e16-f5a9f99c114d)
ProductImagelinks (060896d4-d2b5-51d0-8637-0ba16507bbd9)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-46823 vulnerable 2026-06-08 06:14:23.501433 WordPress ImageLinks Interactive Image Builder Plugin <= 1.5.4 is vulnerable to SQL Injection
HIGH (7.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Avirtum ImageLinks Interactive Image Builder for WordPress allows SQL Injection.This issue affects ImageLinks Interactive Image Builder for WordPress: from n/a through 1.5.4.
Published: 2023-11-06T09:15:09.225Z
Updated: 2026-04-28T16:08:47.915Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-4393 vulnerable 2026-06-08 05:51:37.389078 ImageLinks Interactive Image Builder for WordPress <= 1.5.3 - Contributor+ Stored XSS
The ImageLinks Interactive Image Builder for WordPress plugin through 1.5.3 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Published: 2023-01-09T22:13:29.648Z
Updated: 2024-08-03T01:41:44.361Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.