cleantalk
Vulnerabilities and Security Researches

Pz-LinkCard, CVE-2024-0672

CVE, Research URL

CVE-2024-0672

Home page URL

Security reports for Pz-LinkCard

Application

Pz-LinkCard

Published on
Mar 28, 2024
Research Description
The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Affected versions
max 2.5.3.
Status
vulnerable
Previous vulnerability researches
Pz-LinkCard (CVE-2025-8594) , Nov 10, 2025
Pz-LinkCard (CVE-2024-0672) , Jun 07, 2024
Pz-LinkCard (CVE-2021-25012) , Jun 07, 2024
Pz-LinkCard (CVE-2024-0673) , Jun 07, 2024
Pz-LinkCard (CVE-2023-47790) , Jun 07, 2024
New vulnerability
Post Connector (CVE-2025-52741) , Nov 11, 2025
Flights & Hotels Booking WP Plugin (CVE-2025-62916) , Nov 11, 2025
Headline Analyzer (CVE-2025-62974) , Nov 11, 2025
Depicter Slider – Responsive Image Slider, Video Slider & Post Slider (CVE-2025-11373) , Nov 11, 2025
Thumbnail Slider With Lightbox (CVE-2015-10146) , Nov 11, 2025