25 matches found
WordPress UIX Shortcodes <= 1.9.7 - Unauthenticated Shortcode Execution
The Uix Shortcodes – Compatible with Gutenberg plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.9.9. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode...
EUVD-2017-18709
Malware in sbrugna...
CVE-2025-9772
creationtimestamp | type | source
---|---|---
2025-09-01 12:57:24+00:00 | seen | https://gist.github.com/Darkcrai86/7fa92fdb60f596cd1129e7defbe94904
2025-09-01 13:04:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lxro3uoo3h2r...
CVE-2020-9772
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2024-9772
creationtimestamp | type | source
---|---|---
2024-10-26 13:08:52+00:00 | seen | https://t.me/cvedetector/9029
2025-09-17 10:20:57+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-9772.yaml
2025-09-19 21:02:37+00:00 | seen | ...
CVE-2024-9772 Uix Shortcodes – Compatible with Gutenberg <= 1.9.9 - Unauthenticated Arbitrary Shortcode Execution
The Uix Shortcodes – Compatible with Gutenberg plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.9.9. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode...
CVE-2024-9772
CVE-2024-9772 concerns WordPress, specifically the UIX Shortcodes plugin (versions up to 1.9.9; some sources also cite 1.9.7). The vulnerability allows unauthenticated attackers to perform arbitrary shortcode execution by exploiting improper validation when running do_shortcode, via an action exp...
CVE-2024-9772 Uix Shortcodes – Compatible with Gutenberg <= 1.9.9 - Unauthenticated Arbitrary Shortcode Execution
The Uix Shortcodes – Compatible with Gutenberg plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.9.9. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode...
WordPress Uix Shortcodes Plugin <= 1.9.9 is vulnerable to Arbitrary Code Execution
Software: Uix Shortcodes; Type: Plugin; Vulnerable versions: <= 1.9.9; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Arbitrary Code Execution; CVE: CVE-2024-9772; Patch priority: High; CVSS severity: High (7.3); PSID: a42f828d9a99; Credits: Francesco Carlucci; Required privilege...
Mageia: Security Advisory (MGASA-2017-0037)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2020-9772
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A sandboxed process may be able to circumvent sandbox restrictions...
CVE-2020-9772
CVE-2020-9772 involves a logic issue that allowed a sandboxed process to potentially circumvent sandbox restrictions. Apple states this vulnerability affects multiple platforms and was fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, and watchOS 6.2. The description emphasize...
CVE-2019-9772
CVE-2019-9772 affects GNU LibreDWG up to version 0.7 (patches referenced in LibreDWG 0.9.x series). The vulnerability is a NULL pointer dereference in the function dwg_dxf_LEADER in dwg.spec, as described in the CVE entry. Publicly discussed openSUSE/SUSE advisories (openSUSE-SU-2020:0068-1/0068-...
CVE-2014-9772
creationtimestamp | type | source
---|---|---
2018-11-06 23:12:49+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-79mx-88w7-8f7q...
003-gas-convert (=1.0.1), 01homework (>=1.0.0 <=1.0.1) +47223 more potentially affected by CVE-2014-9772 via validator (>=0.1.8 <=1.5.1)
validator NPM version =0.1.8, =1.0.0, =0.0.2, =0.0.8, =0.0.1, =0.0.6, =1.0.9, =0.0.1, =0.0.122 and more Source cves: CVE-2014-9772 Source advisory: OSV:GHSA-79MX-88W7-8F7Q...
Debian DSA-4067-1 : openafs - security update
It was discovered that malformed jumbogram packets could result in denial of service against OpenAFS, an implementation of the Andrew distributed file system. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
[SECURITY] [DSA 4067-1] openafs security update
Debian Security Advisory DSA-4067-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 17, 2017 https://www.debian.org/security/faq -...
Design/Logic Flaw
OCaml compiler allows attackers to have unspecified impact via unknown vectors, a similar issue to CVE-2017-9772 "but with much less impact."...
Fedora 26 : ocaml (2017-64f47504e4)
Fix: ocaml: Insufficient sanitisation allows privilege escalation for setuid binaries CVE-2017-9772 RHBZ1464920. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format...
Security fix for the ALT Linux 8 package ocaml version 4.04.2-alt1.M80P.1
4.04.2-alt1.M80P.1 built July 12, 2017 Anton Farygin in task 185295 --- July 4, 2017 Anton Farygin - new version with security fixes: + CVE-2017-9772 Local privilege escalation issue with ocaml binaries...