CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

NVD•added 2025/09/09 6:15 a.m.•2 views

CVE-2025-9058

The Mikado Core plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-leve...

6.4CVSS0.00049EPSS

Exploits0References2

Positive Technologies•added 2025/09/09 12:0 a.m.•2 views

PT-2025-36572

Name of the Vulnerable Software and Affected Versions: Mikado Core plugin for WordPress versions up to and including 1.5.2 Description: The Mikado Core plugin for WordPress is susceptible to Stored Cross-Site Scripting through shortcodes due to inadequate input sanitization and output escaping of...

6.4CVSS5AI score0.00049EPSS

Exploits0References7

Patchstack•added 2025/09/08 10:31 p.m.•5 views

WordPress Mikado Core plugin <= 1.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by István Márton in WordPress Plugin Mikado Core versions = 1.5.2...

6.4CVSS5.5AI score0.00049EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by