URL Shortify – Simple and Easy URL Shortener

Vulnerabilities 15Slug url-shortifyLatest version 2.3.0WordPress.org →

Minimum safe version

1.12.4

Update to 1.12.4 or later to address 15 fixable vulnerabilities

Latest available2.3.0 ✓

Medium 6.1

2026-05-01< 1.10.5.1

CVE-2024-13362

CVE Wordfence

N/A

2026-02-17< 1.12.2

URL Shortify <= 1.12.1 - Unauthenticated Open Redirect via 'redirect_to' Parameter

Wordfence CVE

Medium 5.5

2026-02-19< 1.12.4

CVE-2026-25385

CVE Wordfence

High 7.1

2025-12-15< 1.11.4

CVE-2025-13355

CVE Wordfence

High 7.1

2025-12-15< 1.11.3

CVE-2025-12684

CVE Wordfence

Medium 5.9

2025-04-04< 1.10.6

CVE-2025-32134

CVE Patchstack Wordfence EUVD

Medium 6.3

2024-10-16< 1.5.11

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

Medium 4.8

2023-11-16< 1.7.9.1

URL Shortify <= 1.7.9 - Authenticated (Admin+) Stored Cross-Site Scripting

Wordfence Patchstack CVE WPScan

Medium 6.1

2023-09-11< 1.7.6

CVE-2023-4294

CVE Patchstack Wordfence WPScan

N/A

2023-07-18< 1.7.4

WordPress URL Shortify Plugin < 1.7.4 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

Medium 4.8

2023-07-10< 1.7.0

CVE-2023-3129

CVE Wordfence WPScan

N/A

2022-03-04< 1.5.11

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

N/A

2022-02-28< 1.5.11

WordPress URL Shortify plugin < 1.5.11 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 1.5.11

WordPress URL Shortify plugin < 1.5.11 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack

Medium 4.3

2021-11-29< 1.5.11

CVE-2021-24749

CVE Patchstack Wordfence WPScan