WordPress Cooked Plugin <= 1.8.0 - Authenticated (Subscriber+) Persistent Cross-Site Scripting via Shortcode vulnerability
Authenticated Subscriber+ Persistent Cross-Site Scripting via Shortcode vulnerability discovered by re-alter in WordPress Plugin Cooked versions <= 1.8.0...
WordPress Horizontal scrolling announcements plugin <= 2.4 - Authenticated (Contributor+) SQL Injection via Shortcode vulnerability
Authenticated Contributor+ SQL Injection via Shortcode vulnerability discovered by István Márton in WordPress Plugin Horizontal scrolling announcements versions <= 2.4...
PT-2024-37417 · WordPress · Flipbox Builder
Name of the Vulnerable Software and Affected Versions: Flipbox Builder plugin for WordPress versions up to, and including, 1.5 Description: The issue allows authenticated attackers with Contributor-level access and above to inject a PHP Object via deserialization of untrusted input in the flipbox...
PT-2024-37758 · WordPress · All-In-One Video Gallery
Name of the Vulnerable Software and Affected Versions: All-in-One Video Gallery plugin for WordPress versions up to, and including, 3.7.1 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's Video shortcode, allowing...
CVE-2024-6256
The Feeds for YouTube YouTube video, channel, and gallery plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'youtube-feed' shortcode in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user supplied...
WordPress MP3 Audio Player for Music, Radio & Podcast by Sonaar plugin <= 5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via sonaar_audioplayer Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via sonaar_audioplayer Shortcode vulnerability discovered by wesley wcraft in WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar versions <= 5.5...
CVE-2024-6363
The Stock Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stockticker shortcode in all versions up to, and including, 3.24.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
PT-2024-37568 · WordPress · Stock Ticker
Name of the Vulnerable Software and Affected Versions: Stock Ticker plugin for WordPress versions up to, and including, 3.24.4 Description: The issue is related to Stored Cross-Site Scripting via the stock ticker shortcode due to insufficient input sanitization and output escaping on user-supplie...
WordPress WPCafe plugin <= 2.2.25 - Authenticated (Contributor+) File inclusion via Shortcode vulnerability
Authenticated Contributor+ File inclusion via Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin WPCafe versions <= 2.2.25...
WordPress DOP Shortcodes plugin <= 1.2 - Contributor+ Stored XSS via Shortcode vulnerability
Contributor+ Stored XSS via Shortcode vulnerability discovered by Bob Matyas in WordPress Plugin DOP Shortcodes versions <= 1.2...
CVE-2024-4565
CVE-2024-4565 affects Advanced Custom Fields (ACF) for WordPress and ACF Pro prior to version 6.3, where a shortcode can display a post’s custom field values without proper access checks. This is an information disclosure issue involving unauthorized access to field data via shortcode rendering. ...
CVE-2024-2695
The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.13 due to insufficient input sanitization and output escaping on user supplied attributes such as 'borderradius' and 'timestamp'. Th...
WordPress Collapse-O-Matic plugin <= 1.8.5.8 - Authenticated Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Stored Cross-Site Scripting via Shortcode vulnerability discovered by Jack Taylor in WordPress Plugin Collapse-O-Matic versions <= 1.8.5.8...
WordPress Restaurant Menu and Food Ordering plugin <= 2.4.0 - Authenticated Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Stored Cross-Site Scripting via Shortcode vulnerability discovered by Lucio Sá in WordPress Plugin Restaurant Menu – Food Ordering System – Table Reservation versions <= 2.4.0...
CVE-2023-6745
The Custom Field Template plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cpt' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied post meta. This makes it possible for authenticated...
CVE-2024-4703
The One Page Express Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's onepageexpresscontactform shortcode in all versions up to, and including, 1.6.37 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress Colibri Page Builder plugin <= 1.0.276 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Ngô Thiên An ancorn in WordPress Plugin Colibri Page Builder versions <= 1.0.276...
WordPress Rotating Tweets plugin <= 1.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin Rotating Tweets versions <= 1.9.10...
WordPress Materialis Companion plugin <= 1.3.41 - Authenticated (Contributor+) Stored Cross-Site Scripting via materialis_contact_form Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via materialis_contact_form Shortcode vulnerability discovered by stealthcopter in WordPress Plugin Materialis Companion versions <= 1.3.41...
CVE-2024-5224
The Easy Social Like Box – Popup – Sidebar Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cardozafacebooklikebox' shortcode in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes...