9 matches found
WordPress Sheets2Table plugin <= 0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titles' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'titles' Shortcode Attribute vulnerability discovered by Gilang - DJ in WordPress Plugin Sheets2Table versions = 0.4.1...
EUVD-2026-14183
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute in the sheets2table-render-table shortcode in all versions up to and including 0.4.1. This is due to insufficient input sanitization and output escaping. Specifically, the...
CVE-2026-3619
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute in the sheets2table-render-table shortcode in all versions up to and including 0.4.1. This is due to insufficient input sanitization and output escaping. Specifically, the...
CVE-2026-3619
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute in the sheets2table-render-table shortcode in all versions up to and including 0.4.1. This is due to insufficient input sanitization and output escaping. Specifically, the...
CVE-2026-3619 Sheets2Table <= 0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titles' Shortcode Attribute
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute in the sheets2table-render-table shortcode in all versions up to and including 0.4.1. This is due to insufficient input sanitization and output escaping. Specifically, the...
CVE-2026-3619
The Sheets2Table WordPress plugin is affected by CVE-2026-3619 through the [sheets2table-render-table] shortcode; all versions up to 0.4.1 are vulnerable. The root cause is insufficient input sanitization and output escaping: the titles attribute value is passed through S2T_Functions::trim_array_...
CVE-2026-3619 Sheets2Table <= 0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titles' Shortcode Attribute
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute in the sheets2table-render-table shortcode in all versions up to and including 0.4.1. This is due to insufficient input sanitization and output escaping. Specifically, the...
PT-2026-26862
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute in the sheets2table-render-table shortcode in all versions up to and including 0.4.1. This is due to insufficient input sanitization and output escaping. Specifically, the...
WordPress plugin Sheets2Table 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...