Vulnerabilities > Ylefebvre > Link Library > 6.8.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-01 | CVE-2021-25092 | Unspecified vulnerability in Ylefebvre Link Library The Link Library WordPress plugin before 7.2.8 does not have CSRF check when resetting library settings, allowing attackers to make a logged in admin reset arbitrary settings via a CSRF attack | 6.5 |
| 2022-02-01 | CVE-2021-25093 | Unspecified vulnerability in Ylefebvre Link Library The Link Library WordPress plugin before 7.2.8 does not have authorisation in place when deleting links, allowing unauthenticated users to delete arbitrary links via a crafted request | 7.5 |