9013 matches found
WordPress Related Post Shortcode Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Pham Ngoc Duy Patchstack Alliance in WordPress Plugin Related Post Shortcode versions = 1.2...
WordPress JSM Screenshot Machine Shortcode plugin <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin JSM Screenshot Machine Shortcode versions = 2.3.0...
PT-2025-2157 · WordPress · Payment Button For Paypal
Name of the Vulnerable Software and Affected Versions: Payment Button for PayPal plugin for WordPress versions up to, and including, 1.2.3.35 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the wp paypal checkout shortcode. Thi...
PT-2025-2154 · WordPress · Checkout For Paypal
Name of the Vulnerable Software and Affected Versions: Checkout for PayPal plugin for WordPress versions up to, and including, 1.0.32 Description: The issue is related to Stored Cross-Site Scripting via the plugin's checkout for paypal shortcode due to insufficient input sanitization and output...
CVE-2025-23943
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aruvi PDF.js Shortcode pdfjs-shortcode allows Stored XSS.This issue affects PDF.js Shortcode: from n/a through = 1.0...
CVE-2025-23946
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Le-Pixel-Solitaire Enhanced YouTube Shortcode enhanced-youtube-shortcode allows Stored XSS.This issue affects Enhanced YouTube Shortcode: from n/a through = 2.0.1...
CVE-2025-23896
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thom4 Mindmeister Shortcode mindmeister-shortcode allows DOM-Based XSS.This issue affects Mindmeister Shortcode: from n/a through = 1.0...
CVE-2025-23893
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Manny Costales GMap Shortcode gmap-shortcode allows DOM-Based XSS.This issue affects GMap Shortcode: from n/a through = 2.0...
CVE-2025-23825
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in osuthorpe Easy Shortcode Buttons easy-shortcode-buttons allows Stored XSS.This issue affects Easy Shortcode Buttons: from n/a through = 1.2...
CVE-2025-23642
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pflonk Sidebar-Content from Shortcode sidebar-content-from-shortcode allows DOM-Based XSS.This issue affects Sidebar-Content from Shortcode: from n/a through = 2.0...
CVE-2025-23642
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pflonk Sidebar-Content from Shortcode sidebar-content-from-shortcode allows DOM-Based XSS.This issue affects Sidebar-Content from Shortcode: from n/a through = 2.0...
CVE-2025-23618
Cross-Site Request Forgery CSRF vulnerability in starise Twitter Shortcode twitter-shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through = 0.9...
CVE-2025-23569
Cross-Site Request Forgery CSRF vulnerability in Kelvin Ng Shortcode in Comment shortcode-in-comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through = 1.1.1...
CVE-2025-23943 WordPress PDF.js Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aruvi PDF.js Shortcode pdfjs-shortcode allows Stored XSS.This issue affects PDF.js Shortcode: from n/a through = 1.0...
CVE-2025-23946 WordPress Enhanced YouTube Shortcode plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Le-Pixel-Solitaire Enhanced YouTube Shortcode enhanced-youtube-shortcode allows Stored XSS.This issue affects Enhanced YouTube Shortcode: from n/a through = 2.0.1...
CVE-2025-23943 WordPress PDF.js Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aruvi PDF.js Shortcode pdfjs-shortcode allows Stored XSS.This issue affects PDF.js Shortcode: from n/a through = 1.0...
CVE-2025-23943
Technical details about CVE-2025-23943 are not publicly provided in the supplied documents. It is described as a Stored XSS in PDF.js Shortcode affecting PDF.js Shortcode up to 1.0. Monitor vendor advisories and patch releases for updates.
CVE-2025-23896 WordPress Mindmeister Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thom4 Mindmeister Shortcode mindmeister-shortcode allows DOM-Based XSS.This issue affects Mindmeister Shortcode: from n/a through = 1.0...
CVE-2025-23896 WordPress Mindmeister Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thom4 Mindmeister Shortcode mindmeister-shortcode allows DOM-Based XSS.This issue affects Mindmeister Shortcode: from n/a through = 1.0...
CVE-2025-23896
CVE-2025-23896 describes a DOM-based XSS in Mindmeister Shortcode (Mindmeister Shortcode) due to improper input neutralization during web page generation, affecting Mindmeister Shortcode: from n/a through 1.0. No patch/mitigation details are provided in the supplied documents.