9 matches found
CVE-2026-1823
The Consensus Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's consensus shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2026-1823
The Consensus Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's consensus shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2026-1823
The Consensus Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's consensus shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2026-1823
CVE-2026-1823 (Consensus Embed plugin, WordPress) is a stored XSS vulnerability affecting all versions up to 1.6, caused by insufficient input sanitization and output escaping on attributes used by the plugin’s consensus shortcode. The CVE description specifies that exploitation requires authenti...
CVE-2026-1823 Consensus Embed <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'src' Shortcode Attribute
The Consensus Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's consensus shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2026-1823 Consensus Embed <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'src' Shortcode Attribute
The Consensus Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's consensus shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress Consensus Embed plugin <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'src' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'src' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Consensus Embed versions = 1.6...
WordPress plugin Consensus Embed 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
PT-2026-23843
The Consensus Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's consensus shortcode in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...