CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

876 matches found

NVD•added 2025/11/06 9:15 a.m.•2 views

CVE-2025-11268

The Strong Testimonials plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.2.16. This is due to the software allowing users to submit a testimonial in which a value is not properly validated or sanitized prior to being passed to a doshortco...

4.3CVSS0.00228EPSS

Exploits0References2

CVE•added 2025/11/06 8:26 a.m.•12 views

CVE-2025-11268

The CVE-2025-11268 entry for Strong Testimonials (WordPress) is confirmed by Wordfence as a vulnerability in all versions up to 3.2.16, enabling unauthenticated attackers to trigger arbitrary shortcodes when an administrator previews or publishes a crafted testimonial. The issue is caused by insu...

4.3CVSS6.3AI score0.00228EPSS

Exploits0References2

Cvelist•added 2025/11/06 8:26 a.m.•5 views

CVE-2025-11268 Strong Testimonials <= 3.2.16 - Unauthenticated Arbitrary Shortcode Execution

4.3CVSS0.00228EPSS

Exploits0References2

EUVD•added 2025/11/06 8:26 a.m.•2 views

EUVD-2025-37981

4.3CVSS6.2AI score0.00228EPSS

Exploits0References3

Vulnrichment•added 2025/11/06 8:26 a.m.•2 views

CVE-2025-11268 Strong Testimonials <= 3.2.16 - Unauthenticated Arbitrary Shortcode Execution

4.3CVSS6.3AI score0.00228EPSS

Exploits0References2

Positive Technologies•added 2025/11/06 12:0 a.m.•2 views

PT-2025-45181

Name of the Vulnerable Software and Affected Versions Strong Testimonials plugin for WordPress versions prior to 3.2.17 Description The Strong Testimonials plugin for WordPress is susceptible to arbitrary shortcode execution. The software does not properly validate or sanitize user-submitted...

4.3CVSS7.2AI score0.00228EPSS

Exploits0References4

CNNVD•added 2025/10/26 12:0 a.m.•3 views

WordPress plugin Discussion Board - WordPress Forum Plugin Security Vulnerabilities

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...

6.3CVSS5.9AI score0.0024EPSS

Exploits0References1

EUVD•added 2025/10/25 9:32 a.m.•2 views

EUVD-2025-35923

The The Discussion Board – WordPress Forum Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.5.5. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. Th...

6.3CVSS6AI score0.0024EPSS

Exploits0References3

CVE•added 2025/10/25 6:49 a.m.•24 views

CVE-2025-8483

The CVE-2025-8483 entry concerns the Discussion Board – WordPress Forum Plugin for WordPress (versions up to 2.5.5). The root cause is improper validation before do_shortcode, allowing authenticated users with Subscriber+ privileges to trigger arbitrary shortcode execution. Severity in public rep...

6.3CVSS6.1AI score0.0024EPSS

Exploits0References2

Cvelist•added 2025/10/25 6:49 a.m.•7 views

CVE-2025-8483 Discussion Board – WordPress Forum Plugin <= 2.5.5 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

6.3CVSS0.0024EPSS

Exploits0References2

Vulnrichment•added 2025/10/25 6:49 a.m.•2 views

CVE-2025-8483 Discussion Board – WordPress Forum Plugin <= 2.5.5 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

6.3CVSS6.1AI score0.0024EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-9191