Unauthenticated Cross Site Scripting Vulnerability in Simple Link Directory by WordPress
CVE-2026-57682
7.1HIGH
What is CVE-2026-57682?
An unauthenticated Cross Site Scripting (XSS) vulnerability exists in the Simple Link Directory plugin for WordPress, affecting versions 15.0.5 and earlier. This flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to data theft, session hijacking, or other malicious activities, posing a significant security risk for websites using this plugin.
Affected Version(s)
Simple Link Directory <= 15.0.5