Lucene search
Dave Jong (Patchstack)PATCHSTACK:054C0D9C5A34AA6F301AFE7D56888B33HistoryOct 13, 2022 - 12:00 a.m.
WordPress Shortcodes Ultimate plugin <= 5.12.0 - CSRF vulnerability leading to Stored XSS
2022-10-1300:00:00
Dave Jong (Patchstack)
patchstack.com
13
wordpress
shortcodes ultimate
csrf
stored xss
vulnerability
patchstack
update
EPSS
0.001
Percentile
41.8%
Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) vulnerability discovered by Dave Jong (Patchstack) in WordPress Shortcodes Ultimate plugin (versions <= 5.12.0).
Solution
Update the WordPress Shortcodes Ultimate plugin to the latest available version (at least 5.12.1).
Related
prion
prion
Cross site request forgery (csrf)
2022-11-08 19:15:00
wpvulndb
wpvulndb
Shortcodes Ultimate < 5.12.1 - Stored XSS via CSRF
2022-10-12 00:00:00
cve
cve
CVE-2022-41136
2022-11-08 19:15:15
nvd
nvd
CVE-2022-41136
2022-11-08 19:15:15
cvelist
cvelist
openvas
openvas
WordPress Shortcodes Ultimate Plugin < 5.12.1 Multiple CSRF Vulnerabilities
2022-11-10 00:00:00