Lucene search

CVE-2023-0063

🗓️ 06 Mar 2023 14:09:15Reported by WPScanType

The WordPress Shortcodes plugin through 1.6.36 is vulnerable to Stored XSS via unvalidated shortcode attributes

Reporter	Title	Published	Views	Family All 5
Patchstack	WordPress Synved Shortcodes Plugin <= 1.6.36 is vulnerable to Cross Site Scripting (XSS)	3 Mar 202300:00	–	patchstack
Cvelist	CVE-2023-0063 Synved Shortcodes <= 1.6.36 - Contributor+ Stored XSS	6 Mar 202313:34	–	cvelist
Vulnrichment	CVE-2023-0063 Synved Shortcodes <= 1.6.36 - Contributor+ Stored XSS	6 Mar 202313:34	–	vulnrichment
Prion	Cross site scripting	6 Mar 202314:15	–	prion
NVD	CVE-2023-0063	6 Mar 202314:15	–	nvd

Nvd

Vulners

Node

synved wordpress_shortcodesRange≤1.6.36wordpress

[
  {
    "vendor": "Unknown",
    "product": "WordPress Shortcodes",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThanOrEqual": "1.6.36"
      }
    ],
    "defaultStatus": "affected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/2262f2fc-8122-46ed-8e67-8c34ee35fc97

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Mar 2023 14:15Current

5.3Medium risk

Vulners AI Score5.3

CVSS35.4

EPSS0.01364

SSVC

CWE-79