WordPress Ketchup Shortcodes plugin <= 0.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Ketchup Shortcodes versions = 0.1.2...

EUVD-2025-3867

Malicious code in bioql PyPI...

EUVD-2024-51681

Malicious code in bioql PyPI...

CVE-2025-24673

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in AyeCode Ketchup Shortcodes ketchup-shortcodes-pack allows Stored XSS.This issue affects Ketchup Shortcodes: from n/a through = 0.1.2...

CVE-2024-13590

The Ketchup Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spacer' shortcode in all versions up to, and including, 0.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-24673

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in AyeCode Ketchup Shortcodes ketchup-shortcodes-pack allows Stored XSS.This issue affects Ketchup Shortcodes: from n/a through = 0.1.2...

CVE-2025-24673 WordPress Ketchup Shortcodes Plugin <= 0.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in AyeCode Ketchup Shortcodes ketchup-shortcodes-pack allows Stored XSS.This issue affects Ketchup Shortcodes: from n/a through = 0.1.2...

CVE-2025-24673

CVE-2025-24673 covers the WordPress plugin Ketchup Shortcodes (versions up to 0.1.2). The issue is caused by the improper neutralization of script-related HTML tags , enabling Stored XSS when shortcodes are rendered. Public sources (NVD/Red Hat/Wordfence/CVEs) confirm the vulnerability affects ve...

WordPress Ketchup Shortcodes Plugin <= 0.1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Ketchup Shortcodes versions = 0.1.2...

WordPress plugin Ketchup Shortcodes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-5493 · Unknown · Ketchup Shortcodes

Name of the Vulnerable Software and Affected Versions: Ketchup Shortcodes versions 0.1.2 and earlier Description: The issue is related to improper neutralization of script-related HTML tags in a web page, which allows for Stored XSS attacks. This means an attacker can inject malicious scripts int...

CVE-2024-13590

The Ketchup Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spacer' shortcode in all versions up to, and including, 0.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13590

The CVE-2024-13590 entry concerns the Ketchup Shortcodes WordPress plugin (versions up to 0.1.2) and describes a Stored Cross-Site Scripting vulnerability in the spacer shortcode caused by insufficient input sanitization and output escaping of user-supplied attributes. Exploitation requires authe...

CVE-2024-13590 Ketchup Shortcodes <= 0.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Ketchup Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spacer' shortcode in all versions up to, and including, 0.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13590 Ketchup Shortcodes <= 0.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Ketchup Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spacer' shortcode in all versions up to, and including, 0.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress plugin Ketchup Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-2225 · WordPress · Ketchup Shortcodes

Name of the Vulnerable Software and Affected Versions: Ketchup Shortcodes plugin for WordPress versions up to, and including, 0.1.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'spacer' shortcode due to insufficient input sanitization and output escaping on...