Pretty Link Lite

Name: Pretty Link Lite
Type: XSS
Exploit version: 1.6.2
Release Date: 21-02-2013
Status: A new version of Pretty Link Lite has been released  •

Input passed via the "get-file" GET parameter to wp-content/plugins/pretty-link/includes/version-2 -kvasir/open-flash-chart.swf is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's web browser session in the context of an affected site.

Plugin Information

  1. Downloaded: 1128220 Times
  2. Current Version: 1.6.8
  3. Author: Profile
  4. Tested up to: 4.4.2
  5. Download Plugin

Security Information

  1. Secunia ID: 52246
  2. Credit: hip
  • Plugin statistics provided by Updated within the last day or so.
  • ¹ Status info requires plugin author's to fill in versioning info on the repository