cleantalk
Vulnerabilities and Security Researches

URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress, CVE-2023-3129

CVE, Research URL

CVE-2023-3129

Home page URL

Security reports for URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress

Application

URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress

Published on
Jul 10, 2023
Research Description
The URL Shortify WordPress plugin before 1.7.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
Min -, max 1.7.4.
Status
vulnerable
Previous vulnerability researches
URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress (CVE-2025-32134) , Apr 06, 2025
URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress (CVE-2023-5605) , Jun 07, 2024
URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress (CVE-2021-24749) , Jun 07, 2024
URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress (CVE-2023-3129) , Jun 07, 2024
URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress (CVE-2023-4294) , Jun 07, 2024
New vulnerability
Easy Contact (CVE-2025-30970) , Apr 08, 2025
DyaPress ERP/CRM (CVE-2025-30582) , Apr 08, 2025
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025