PT-2026-28213

The Responsive Plus WordPress plugin before 3.4.3 is vulnerable to arbitrary shortcode execution due to the software allowing unauthenticated users to execute the update responsive woo free shipping left shortcode AJAX action that does not properly validate the content rech data parameter before...

PT-2024-39397 · WordPress · The Popup Builder

Name of the Vulnerable Software and Affected Versions: The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress versions up to 1.3.5 Description: The issue allows arbitrary shortcode execution via the wp ajax nopriv shortcode Api Add AJAX action. This is due to the...