CVE-2024-51576

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpza AMP Img Shortcode amp-img-shortcode allows Stored XSS.This issue affects AMP Img Shortcode: from n/a through = 1.0.1...

CVE-2024-51576 WordPress AMP Img Shortcode plugin <= 1.0.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpza AMP Img Shortcode amp-img-shortcode allows Stored XSS.This issue affects AMP Img Shortcode: from n/a through = 1.0.1...

CVE-2024-51576 WordPress AMP Img Shortcode plugin <= 1.0.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpza AMP Img Shortcode amp-img-shortcode allows Stored XSS.This issue affects AMP Img Shortcode: from n/a through = 1.0.1...

CVE-2024-51576

CVE-2024-51576 is a Stored XSS in the WordPress AMP Img Shortcode plugin (AMP Img Shortcode) affecting versions up to 1.0.1. The issue arises from improper neutralization of input during web page generation, enabling stored cross-site scripting. The CVE is documented with ranges indicating the vu...

PT-2024-34716 · Unknown · Ml Responsive Audio Player With Playlist Shortcode

Name of the Vulnerable Software and Affected Versions: ML Responsive Audio player with playlist Shortcode versions 0.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS...

WordPress plugin The WP Photo Album Plus 代码注入漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Give is a fundraising platform plugin used in it.WordPress plugin is an application...

WordPress plugin AMP Img Shortcode 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2024-34719 · WordPress · Wpza Amp Img Shortcode

Name of the Vulnerable Software and Affected Versions: WPZA AMP Img Shortcode versions 1.0.0 through 1.0.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Stored XSS. This means that an attacker...

PT-2024-35194 · Andrew Milo · Postcasa Shortcode

Name of the Vulnerable Software and Affected Versions: Postcasa Shortcode versions 1.0 and earlier Description: The issue is related to an Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This is a DOM-Based XSS vulnerability in the Andrew Milo...

PT-2024-16662 · WordPress · Wp Photo Album Plus

Name of the Vulnerable Software and Affected Versions: WP Photo Album Plus versions prior to 8.8.08.007 WP Photo Album Plus versions prior to 8.8.08.004 Description: The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via the getshortcodedrenderedfenodelay...

CVE-2024-51610

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SEO Themes Display Terms Shortcode allows Stored XSS.This issue affects Display Terms Shortcode: from n/a through 1.0.4...

CVE-2024-51610

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in seothemes Display Terms Shortcode display-terms-shortcode allows Stored XSS.This issue affects Display Terms Shortcode: from n/a through = 1.0.4...

CVE-2024-51609

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elsner Technologies Pvt. Ltd. Emoji Shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through 1.0.0...

CVE-2024-51609

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Emoji Shortcode emoji-shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through = 1.0.0...

CVE-2024-51612

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designerken Reftagger Shortcode reftagger-shortcode allows Stored XSS.This issue affects Reftagger Shortcode: from n/a through = 1.1...

CVE-2024-51609 WordPress Emoji Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Emoji Shortcode emoji-shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through = 1.0.0...

CVE-2024-51609 WordPress Emoji Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Emoji Shortcode emoji-shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through = 1.0.0...

CVE-2024-51610

CVE-2024-51610 is a stored XSS in the WordPress plugin Display Terms Shortcode (vulnerable: 1.0.4 and earlier). The issue stems from improper input neutralization during page generation, enabling stored scripts. Public sources identify the affected plugin versions as &lt;= 1.0.4; remediation deta...

CVE-2024-51612

CVE-2024-51612 : Stored XSS in WordPress plugin “Reftagger Shortcode” (versions n/a–1.1) due to improper input neutralization during web page generation. Public docs confirm this vulnerability affects the Reftagger Shortcode plugin up to v1.1; exploitation details are not provided, and no patch/v...

CVE-2024-10640

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the software allowing users to execute an action that does not properly validate a value before running...