CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

WordPress Shortcodes Ultimate <= 5.0.0 - Authenticated Remote Code Execution

Shortcodes Ultimate plugin before 5.0.1 for WordPress contains a remote code execution caused by a filter in meta, post, or user shortcode, letting remote attackers execute arbitrary code, exploit requires sending crafted shortcode data. id: CVE-2017-18580 info: name: WordPress Shortcodes Ultimat...

9.8CVSS8.7AI score0.70003EPSS

Exploits1References4

Circl•added 2025/12/15 2:1 a.m.•4 views

CVE-2017-18580

creationtimestamp| type| source ---|---|--- 2025-12-15 02:01:12+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2017/CVE-2017-18580.yaml...

9.8CVSS6AI score0.70003EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 7:18 a.m.•5 views

CVE-2017-18580

The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode...

9.8CVSS8AI score0.70003EPSS

Exploits1References1

CVE•added 2019/08/22 1:32 p.m.•61 views

CVE-2017-18580

The CVE-2017-18580 entry concerns WordPress Shortcodes Ultimate plugin before 5.0.1. The connected documents provide concrete details: remote code execution via a filter vulnerability in the meta/post/user shortcodes (su_meta, su_post, su_user). The exploitable condition requires crafted shortcod...

9.8CVSS9.7AI score0.70003EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by