CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8983 matches found

Patchstack•added 2025/09/22 6:35 p.m.•3 views

WordPress Last Updated Shortcode Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Last Updated Shortcode versions = 1.0.1...

6.5CVSS6AI score0.00196EPSS

Exploits0Affected Software1

CVE•added 2025/09/22 6:24 p.m.•13 views

CVE-2025-57989

CVE-2025-57989 is an Stored XSS in WordPress Widgets Shortcode (Authenticated) affecting WordPress Widgets Shortcode

6.5CVSS5.9AI score0.00208EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:24 p.m.•3 views

CVE-2025-57989 WordPress WordPress Widgets Shortcode Plugin <= 1.0.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Brajesh Singh WordPress Widgets Shortcode wp-widgets-shortcode allows Stored XSS.This issue affects WordPress Widgets Shortcode: from n/a through = 1.0.3...

6.5CVSS5.2AI score0.00208EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•3 views

CVE-2025-58022 WordPress ShortCode Plugin <= 0.8.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in maxpagels ShortCode shortcode allows Stored XSS.This issue affects ShortCode: from n/a through = 0.8.1...

6.5CVSS5.9AI score0.00258EPSS

Exploits0References1

CVE•added 2025/09/22 6:23 p.m.•11 views

CVE-2025-58022

CVE-2025-58022 describes a Stored XSS vulnerability in the ShortCode feature of the WordPress Shortcode plugin (referred to as ShortCode/ShortCode). Affected range is listed as from n/a through 0.8.1. The Initial Document and Connected Wordfence entries confirm the vulnerability type (Stored XSS ...

6.5CVSS5.9AI score0.00258EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:23 p.m.•10 views

CVE-2025-58022 WordPress ShortCode Plugin <= 0.8.1 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS0.00258EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•1 views

CVE-2025-58021 WordPress List Child Pages Shortcode Plugin <= 1.3.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in douglaskarr List Child Pages Shortcode list-child-pages-shortcode allows Stored XSS.This issue affects List Child Pages Shortcode: from n/a through = 1.3.1...

6.5CVSS5.9AI score0.00258EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:23 p.m.•8 views

CVE-2025-58021 WordPress List Child Pages Shortcode Plugin <= 1.3.1 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS0.00258EPSS

Exploits0References1

CVE•added 2025/09/22 6:23 p.m.•10 views

CVE-2025-58653

CVE-2025-58653 affects the WordPress plugin JSM file_get_contents Shortcode (JSM file_get_contents() Shortcode). Description indicates improper input neutralization leading to a Stored XSS within the shortcode, with affected versions from unknown earlier than or equal to 2.7.1. Connected document...

6.5CVSS5.9AI score0.00196EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:23 p.m.•9 views

CVE-2025-58653 WordPress JSM file_get_contents() Shortcode Plugin <= 2.7.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JS Morisset JSM filegetcontents Shortcode wp-file-get-contents allows Stored XSS.This issue affects JSM filegetcontents Shortcode: from n/a through = 2.7.1...

6.5CVSS0.00196EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•2 views

CVE-2025-58653 WordPress JSM file_get_contents() Shortcode Plugin <= 2.7.1 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS5.9AI score0.00196EPSS

Exploits0References1

CVE•added 2025/09/22 6:22 p.m.•8 views

CVE-2025-58683

The Connected documents provide concrete details for CVE-2025-58683: Affected software is the Last Updated Shortcode WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin component responsible for “Last Updated Shortcode.” The issue arises from improper neutrali...

6.5CVSS5.9AI score0.00196EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:22 p.m.•10 views

CVE-2025-58683 WordPress Last Updated Shortcode Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luke Mlsna Last Updated Shortcode last-updated-shortcode allows Stored XSS.This issue affects Last Updated Shortcode: from n/a through = 1.0.1...

6.5CVSS0.00196EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:22 p.m.•1 views

CVE-2025-58683 WordPress Last Updated Shortcode Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

6.5CVSS5.9AI score0.00196EPSS

Exploits0References1

RedhatCVE•added 2025/09/22 4:32 a.m.•9 views

CVE-2025-10181

The Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'drafts' shortcode in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

6.4CVSS5AI score0.00223EPSS

Exploits0References1

Positive Technologies•added 2025/09/22 12:0 a.m.•4 views

PT-2025-38839

Name of the Vulnerable Software and Affected Versions Brajesh Singh WordPress Widgets Shortcode versions through 1.0.3 Description The software contains a flaw due to improper handling of input during the creation of web pages, specifically a Stored Cross-site Scripting issue. This allows for the...

6.5CVSS6.4AI score0.00208EPSS

Exploits0References3

CNNVD•added 2025/09/22 12:0 a.m.•4 views

WordPress plugin ShortCode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.8AI score0.00258EPSS

Exploits0References2

Positive Technologies•added 2025/09/22 12:0 a.m.•3 views

PT-2025-38872

Name of the Vulnerable Software and Affected Versions maxpagels ShortCode versions through 0.8.1 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting issue. This allows for Stored XSS attacks. The issue...

6.5CVSS5.6AI score0.00258EPSS

Exploits0References3

Positive Technologies•added 2025/09/22 12:0 a.m.•2 views

PT-2025-38871

Name of the Vulnerable Software and Affected Versions douglaskarr List Child Pages Shortcode versions through 1.3.1 Description The software contains a flaw due to improper handling of input during the creation of web pages, specifically a Cross-site Scripting issue. This allows for Stored XSS,...

6.5CVSS6AI score0.00258EPSS

Exploits0References3

CNNVD•added 2025/09/22 12:0 a.m.•2 views

WordPress plugin WordPress Widgets Shortcode 跨站脚本漏洞

6.5CVSS5.8AI score0.00208EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by