CVE-2025-23943 WordPress PDF.js Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aruvi PDF.js Shortcode pdfjs-shortcode allows Stored XSS.This issue affects PDF.js Shortcode: from n/a through = 1.0...

CVE-2025-23943 WordPress PDF.js Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aruvi PDF.js Shortcode pdfjs-shortcode allows Stored XSS.This issue affects PDF.js Shortcode: from n/a through = 1.0...

CVE-2025-23946 WordPress Enhanced YouTube Shortcode plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Le-Pixel-Solitaire Enhanced YouTube Shortcode enhanced-youtube-shortcode allows Stored XSS.This issue affects Enhanced YouTube Shortcode: from n/a through = 2.0.1...

CVE-2025-23943

Technical details about CVE-2025-23943 are not publicly provided in the supplied documents. It is described as a Stored XSS in PDF.js Shortcode affecting PDF.js Shortcode up to 1.0. Monitor vendor advisories and patch releases for updates.

CVE-2025-23896 WordPress Mindmeister Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thom4 Mindmeister Shortcode mindmeister-shortcode allows DOM-Based XSS.This issue affects Mindmeister Shortcode: from n/a through = 1.0...

CVE-2025-23896

CVE-2025-23896 describes a DOM-based XSS in Mindmeister Shortcode (Mindmeister Shortcode) due to improper input neutralization during web page generation, affecting Mindmeister Shortcode: from n/a through 1.0. No patch/mitigation details are provided in the supplied documents.

CVE-2025-23896 WordPress Mindmeister Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thom4 Mindmeister Shortcode mindmeister-shortcode allows DOM-Based XSS.This issue affects Mindmeister Shortcode: from n/a through = 1.0...

CVE-2025-23893 WordPress GMap Shortcode plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Manny Costales GMap Shortcode gmap-shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through = 2.0...

CVE-2025-23893 WordPress GMap Shortcode plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Manny Costales GMap Shortcode gmap-shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through = 2.0...

CVE-2025-23893

CVE-2025-23893 : DOM-based XSS in GMap Shortcode (Manuel Costales) allowed by improper input neutralization during web page generation. Affected: GMap Shortcode versions up to 2.0 (n/a through 2.0). Public records from Red Hat repeat the vulnerability description; Wordfence lists the vulnerabilit...

CVE-2025-23825 WordPress Easy Shortcode Buttons plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in osuthorpe Easy Shortcode Buttons easy-shortcode-buttons allows Stored XSS.This issue affects Easy Shortcode Buttons: from n/a through = 1.2...

CVE-2025-23825 WordPress Easy Shortcode Buttons plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in osuthorpe Easy Shortcode Buttons easy-shortcode-buttons allows Stored XSS.This issue affects Easy Shortcode Buttons: from n/a through = 1.2...

CVE-2025-23825

CVE-2025-23825 is a Stored XSS in the WordPress plugin Easy Shortcode Buttons (affected up to version 1.2). Root cause: Improper neutralization of input during web page generation. Impact per provided metrics indicates low confidentiality, integrity, and availability impact. Red Hat and other con...

CVE-2025-23791 WordPress Horizontal Line Shortcode Plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mikakaltoft Horizontal Line Shortcode horizontal-line-shortcode allows Stored XSS.This issue affects Horizontal Line Shortcode: from n/a through = 1.0...

CVE-2025-23618 WordPress Twitter Shortcode plugin <= 0.9 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in starise Twitter Shortcode twitter-shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through = 0.9...

CVE-2025-23618

CVE-2025-23618 is a Cross-Site Request Forgery (CSRF) vulnerability in the Twitter Shortcode plugin by Andrea Brandi that enables Stored XSS. The affected product is Twitter Shortcode from an unspecified start version up to 0.9. The Red Hat CVE entry confirms the CSRF-to-Stored XSS behavior, but ...

CVE-2025-23569 WordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kelvin Ng Shortcode in Comment shortcode-in-comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through = 1.1.1...

CVE-2025-23569 WordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kelvin Ng Shortcode in Comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through 1.1.1...

CVE-2025-23569

CVE-2025-23569 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “Shortcode in Comment” by Kelvin Ng, which allows Stored XSS. The vulnerability affects the Shortcode in Comment plugin version range up to 1.1.1 (inclusive). The hosted CVE details also cite a CVSS...

WordPress Enhanced YouTube Shortcode plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Enhanced YouTube Shortcode versions = 2.0.1...