Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

linksoftwarellc

Source -

NVD

BOS Name -

N/A

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

7
Related CVEsRelated ProductsRelated AssignersReports
7Vulnerabilities found
CVE-2025-46236
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 13.88%
||
7 Day CHG~0.00%
Published-22 Apr, 2025 | 09:53
Updated-30 Jan, 2026 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress HTML Forms <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms allows Stored XSS. This issue affects HTML Forms: from n/a through 1.5.2.

Action-Not Available
Vendor-linksoftwarellcLink Software LLC
Product-html_formsHTML Forms
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-6412
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 48.29%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 06:00
Updated-30 Jan, 2026 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HTML Forms – Simple WordPress Forms Plugin < 1.3.34 - Bulk Delete via CSRF

The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks

Action-Not Available
Vendor-linksoftwarellcUnknownhtmlforms
Product-html_formsHTML Formshtml_forms
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2024-6243
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-5.9||MEDIUM
EPSS-0.16% / 37.08%
||
7 Day CHG~0.00%
Published-22 Jul, 2024 | 06:00
Updated-30 Jan, 2026 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HTML Forms < 1.3.33 - Admin+ Stored XSS

The HTML Forms WordPress plugin before 1.3.33 does not sanitize and escape the form message inputs, allowing high-privilege users, such as administrators, to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disabled.

Action-Not Available
Vendor-linksoftwarellcUnknownhtmlforms
Product-html_formsHTML Forms html_forms
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-52128
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-4.3||MEDIUM
EPSS-0.09% / 25.97%
||
7 Day CHG~0.00%
Published-05 Jan, 2024 | 08:49
Updated-23 May, 2025 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress White Label Plugin <= 2.9.0 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in WhiteWP White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard.This issue affects White Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard: from n/a through 2.9.0.

Action-Not Available
Vendor-linksoftwarellcWhiteWP
Product-white_labelWhite Label – WordPress Custom Admin, Custom Login Page, and Custom Dashboard
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2023-50836
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.9||MEDIUM
EPSS-0.06% / 17.95%
||
7 Day CHG~0.00%
Published-28 Dec, 2023 | 10:19
Updated-30 Jan, 2026 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress HTML Forms Plugin <= 1.3.28 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibericode HTML Forms allows Stored XSS.This issue affects HTML Forms: from n/a through 1.3.28.

Action-Not Available
Vendor-linksoftwarellcibericode
Product-html_formsHTML Forms
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-24006
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-5.9||MEDIUM
EPSS-0.08% / 23.57%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 07:55
Updated-19 Feb, 2025 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress WP Terms Popup – Terms and Conditions and Privacy Policy WordPress Popups Plugin <= 2.6.0 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Link Software LLC WP Terms Popup plugin <= 2.6.0 versions.

Action-Not Available
Vendor-linksoftwarellcLink Software LLC
Product-wp_terms_popupWP Terms Popup
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-3689
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-7.2||HIGH
EPSS-35.52% / 96.95%
||
7 Day CHG~0.00%
Published-28 Nov, 2022 | 13:47
Updated-30 Jan, 2026 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HTML Forms < 1.3.25 - Admin+ SQLi

The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users

Action-Not Available
Vendor-linksoftwarellcUnknown
Product-html_formsHTML Forms
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')