8983 matches found
WordPress plugin TweetThis Shortcode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripti...
WordPress plugin Markdown Shortcode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...
PT-2025-39516
Name of the Vulnerable Software and Affected Versions Markdown Shortcode plugin for WordPress versions prior to 0.2.2 Description The Markdown Shortcode plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'markdown' shortcode. Insufficient input sanitization and output...
CVE-2025-8902
The Widget Options - Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dosidebar' shortcode in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-58683
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luke Mlsna Last Updated Shortcode last-updated-shortcode allows Stored XSS.This issue affects Last Updated Shortcode: from n/a through = 1.0.1...
CVE-2025-58021
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in douglaskarr List Child Pages Shortcode list-child-pages-shortcode allows Stored XSS.This issue affects List Child Pages Shortcode: from n/a through = 1.3.1...
CVE-2025-58022
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in maxpagels ShortCode shortcode allows Stored XSS.This issue affects ShortCode: from n/a through = 0.8.1...
CVE-2025-58653
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JS Morisset JSM filegetcontents Shortcode wp-file-get-contents allows Stored XSS.This issue affects JSM filegetcontents Shortcode: from n/a through = 2.7.1...
CVE-2025-57989
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brajesh Singh WordPress Widgets Shortcode wp-widgets-shortcode allows Stored XSS.This issue affects WordPress Widgets Shortcode: from n/a through = 1.0.3...
CVE-2025-8902
The Widget Options - Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dosidebar' shortcode in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8902
CVE-2025-8902 refers to the WordPress plugin Widget Options - Extended . The vulnerability is a Stored Cross-Site Scripting (XSS) flaw in the plugin’s shortcodes (specifically the do_sidebar shortcode) across versions up to and including 5.2.1, caused by insufficient input sanitization and output...
CVE-2025-8902 Widget Options - Extended <= 5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Widget Options - Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dosidebar' shortcode in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-58683
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luke Mlsna Last Updated Shortcode last-updated-shortcode allows Stored XSS.This issue affects Last Updated Shortcode: from n/a through = 1.0.1...
CVE-2025-58653
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JS Morisset JSM filegetcontents Shortcode wp-file-get-contents allows Stored XSS.This issue affects JSM filegetcontents Shortcode: from n/a through = 2.7.1...
CVE-2025-58021
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in douglaskarr List Child Pages Shortcode list-child-pages-shortcode allows Stored XSS.This issue affects List Child Pages Shortcode: from n/a through = 1.3.1...
CVE-2025-58022
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in maxpagels ShortCode shortcode allows Stored XSS.This issue affects ShortCode: from n/a through = 0.8.1...
CVE-2025-57989
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brajesh Singh WordPress Widgets Shortcode wp-widgets-shortcode allows Stored XSS.This issue affects WordPress Widgets Shortcode: from n/a through = 1.0.3...
WordPress WordPress Widgets Shortcode Plugin <= 1.0.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin WordPress Widgets Shortcode versions = 1.0.3...
WordPress List Child Pages Shortcode Plugin <= 1.3.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin List Child Pages Shortcode versions = 1.3.1...
WordPress ShortCode Plugin <= 0.8.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin ShortCode versions = 0.8.1...