cleantalk
Vulnerabilities and Security Researches

Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management, CVE-2023-40674

CVE, Research URL

CVE-2023-40674

Home page URL

Security reports for Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management

Application

Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management

Published on
Nov 30, 2023
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lasso Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management allows Stored XSS.This issue affects Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management: from n/a through 118.
Affected versions
Min -, max 118.
Status
vulnerable
Previous vulnerability researches
Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management (CVE-2023-40678) , Jun 10, 2024
Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management (CVE-2023-40674) , Jun 06, 2024
Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management (CVE-2023-45606) , Jun 06, 2024
Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management (CVE-2023-0098) , Jun 06, 2024
Simple URLs – Link Cloaking, Product Displays, and Affiliate Link Management (CVE-2023-0099) , Jun 06, 2024
New vulnerability
Min Max Default Quantity for WooCommerce (CVE-2025-47504) , Jun 09, 2025
The Plus Addons for Elementor (CVE-2025-49076) , Jun 06, 2025
WP Pipes (CVE-2025-48267) , Jun 06, 2025
Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, (CVE-2025-5292) , Jun 06, 2025
Newsletters (CVE-2025-4857) , Jun 06, 2025