cleantalk
Vulnerabilities and Security Researches

Pz-LinkCard, CVE-2025-8594

CVE, Research URL

CVE-2025-8594

Home page URL

Security reports for Pz-LinkCard

Application

Pz-LinkCard

Published on
Oct 14, 2025
Research Description
The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack.
Affected versions
max 2.5.7.
Status
vulnerable
Previous vulnerability researches
Next Page, Not Next Post (CVE-2025-62943) , Nov 10, 2025
New vulnerability
BackWPup – WordPress Backup Plugin (CVE-2025-10579) , Nov 10, 2025
URLYar URL Shortner (CVE-2025-10133) , Nov 10, 2025
Dropify (CVE-2025-53286) , Nov 10, 2025
Woocommerce Category and Products Accordion Panel (CVE-2025-11722) , Nov 10, 2025
User Registration Aide (CVE-2025-53239) , Nov 10, 2025