Vulnerability Key Information Vulnerability Overview Vulnerability Name: WordPress Link Library Plugin <= 7.6 is vulnerable to Cross Site Scripting (XSS) Priority: Medium CVSS Score: 7.1 Vulnerability Details Risk: This vulnerability is moderately dangerous and expected to become exploited. Risk Type: Cross Site Scripting (XSS) Impact: Allows a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website. Remediation Recommended Action: Mitigate or resolve the vulnerability immediately. Automated Mitigation: Patchstack has issued a virtual patch to mitigate this issue. Version Update: Update to version 7.6.1 or later to remove the vulnerability. Timeline Report Date: 13 Feb 2024 by stealthcopter Early Warning: 16 Mar 2024 to Patchstack customers Disclosure Date: 18 Mar 2024 by Patchstack Additional Information Remediation Provider: Patchstack Fixed Version: 7.6.1