cleantalk
Vulnerabilities and Security Researches

Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin, CVE-2013-1636

CVE, Research URL

CVE-2013-1636

Home page URL

Security reports for Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin

Application

Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin

Published on
Mar 12, 2014
Research Description
Cross-site scripting (XSS) vulnerability in open-flash-chart.swf in Open Flash Chart (aka Open-Flash Chart), as used in the Pretty Link Lite plugin before 1.6.3 for WordPress, JNews (com_jnews) component 8.0.1 for Joomla!, and CiviCRM 3.1.0 through 4.2.9 and 4.3.0 through 4.3.3, allows remote attackers to inject arbitrary web script or HTML via the get-data parameter.
Affected versions
Min -, max 1.6.3.
Status
vulnerable
Previous vulnerability researches
Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin (CVE-2011-4595) , Jun 10, 2024
Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin (CVE-2025-48247) , May 21, 2025
Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin (CVE-2011-5192) , Jun 07, 2024
Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin (CVE-2015-9457) , Jun 07, 2024
Pretty Links – Affiliate Links, Link Branding, Link Tracking & Marketing Plugin (CVE-2013-1636) , Jun 07, 2024
New vulnerability
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2025-48341) , May 21, 2025
Back Button Widget (CVE-2025-48252) , May 21, 2025
Cloudflare Turnstile or reCAPTCHA For All Pages, to Block Spam and Hackers Attack, Block Visitors from China (CVE-2025-48243) , May 21, 2025
Free Shipping Amount Label & Progress Bar for WooCommerce (CVE-2025-48253) , May 21, 2025
WordPress Gallery Plugin – NextGEN Gallery (CVE-2024-5878) , May 21, 2025