cleantalk
Vulnerabilities and Security Researches

Permalink Manager Lite, CVE-2024-8195

CVE, Research URL

CVE-2024-8195

Home page URL

Security reports for Permalink Manager Lite

Application

Permalink Manager Lite

Published on
Aug 28, 2024
Research Description
The Permalink Manager Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'debug_data', 'debug_query', and 'debug_redirect' functions in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to extract sensitive data including password, title, and content of password-protected posts.
Affected versions
max 2.4.4.1.
Status
vulnerable
Previous vulnerability researches
Premmerce Permalink Manager for WooCommerce (CVE-2023-33999) , Jun 13, 2026
Premmerce Permalink Manager for WooCommerce (CVE-2024-13362) , May 02, 2026
Premmerce Permalink Manager for WooCommerce (8512ead354b68073964ac5ed0d56a850019f3b6b) , Jun 16, 2026
Premmerce Permalink Manager for WooCommerce (CVE-2024-27971) , Jun 07, 2024
Premmerce Permalink Manager for WooCommerce (28021e3588b5020a77c66a88cac17e671730287f) , Jun 07, 2024
New vulnerability
WooCommerce Digital Signature (CVE-2026-52694) , Jun 17, 2026
Permalink Manager Lite (CVE-2026-8494) , Jun 17, 2026
Static Block (CVE-2026-10780) , Jun 17, 2026
wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin (CVE-2026-49080) , Jun 16, 2026
The Events Calendar (CVE-2026-49772) , Jun 16, 2026