Vulnerabilities and security researches forleenkme leenkme

Jun 16, 2026

CVE, Research URL: 753d31765913b4d2dbb8af0a5512e5f1f8c70c61
Home page URL: Security reports for leenk.me
Application: leenk.me
Date: Apr 18, 2016
Research Description: leenk.me [leenkme] < 2.5.1 (closed) WordPress leenk.me Plugin 2.5.0 - Multiple Vulnerabilities This WordPress leenk.me plugin is prone to cross-site request forgery and cross-site scripting vulnerabilities via vulnerable page: wp-content/plugins/leenkme/facebook.php. Also, there are vulnerable fields: "facebook_message", "facebook_description", "default_image", "facebook_linkname", etc. Upgrade the plugin.
Affected versions: max 2.5.1.
Status: vulnerable

Oct 25, 2024

CVE, Research URL: CVE-2024-49661
Home page URL: Security reports for leenk.me
Application: leenk.me
Date: Oct 29, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lew Ayotte leenk.me leenkme allows Reflected XSS.This issue affects leenk.me: from n/a through <= 2.16.0.
Affected versions: max 2.16.0.
Status: vulnerable

Jun 07, 2024

CVE, Research URL: CVE-2016-10989
Home page URL: Security reports for leenk.me
Application: leenk.me
Date: Sep 17, 2019
Research Description: The leenkme plugin before 2.6.0 for WordPress has wp-admin/admin.php?page=leenkme_facebook CSRF.
Affected versions: max 2.6.0.
Status: vulnerable

CVE, Research URL: CVE-2016-10988
Home page URL: Security reports for leenk.me
Application: leenk.me
Date: Sep 17, 2019
Research Description: The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebook_message, facebook_linkname, facebook_caption, facebook_description, default_image, or _wp_http_referer.
Affected versions: max 2.6.0.
Status: vulnerable