8997 matches found
CVE-2024-51610
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in SEO Themes Display Terms Shortcode allows Stored XSS.This issue affects Display Terms Shortcode: from n/a through 1.0.4...
CVE-2024-51610
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in seothemes Display Terms Shortcode display-terms-shortcode allows Stored XSS.This issue affects Display Terms Shortcode: from n/a through = 1.0.4...
CVE-2024-51609
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Emoji Shortcode emoji-shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through = 1.0.0...
CVE-2024-51609
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Elsner Technologies Pvt. Ltd. Emoji Shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through 1.0.0...
CVE-2024-51612
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in designerken Reftagger Shortcode reftagger-shortcode allows Stored XSS.This issue affects Reftagger Shortcode: from n/a through = 1.1...
CVE-2024-51609 WordPress Emoji Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Emoji Shortcode emoji-shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through = 1.0.0...
CVE-2024-51609 WordPress Emoji Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aakif Kadiwala Emoji Shortcode emoji-shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through = 1.0.0...
CVE-2024-51610
CVE-2024-51610 is a stored XSS in the WordPress plugin Display Terms Shortcode (vulnerable: 1.0.4 and earlier). The issue stems from improper input neutralization during page generation, enabling stored scripts. Public sources identify the affected plugin versions as <= 1.0.4; remediation deta...
CVE-2024-51612
CVE-2024-51612 : Stored XSS in WordPress plugin “Reftagger Shortcode” (versions n/a–1.1) due to improper input neutralization during web page generation. Public docs confirm this vulnerability affects the Reftagger Shortcode plugin up to v1.1; exploitation details are not provided, and no patch/v...
CVE-2024-10640
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-10261
The The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.13.0. This is due to the software allowing users to execute an action that does not...
CVE-2024-10261 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.0 - Unauthenticated Arbitrary Shortcode Execution
The The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.13.0. This is due to the software allowing users to execute an action that does not...
CVE-2024-10261 Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction <= 2.13.0 - Unauthenticated Arbitrary Shortcode Execution
The The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.13.0. This is due to the software allowing users to execute an action that does not...
CVE-2024-10261
CVE-2024-10261 affects the Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction WordPress plugin (
CVE-2024-10640 The FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.2 - Unauthenticated Arbitrary Shortcode Execution
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-10640
CVE-2024-10640 concerns the FOX – Currency Switcher Professional for WooCommerce (WordPress) plugin. It allows unauthenticated users to trigger arbitrary shortcode execution because the value passed to do_shortcode is not properly validated. Affected versions are up to and including 1.4.2.2; the ...
CVE-2024-10640 The FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.2 - Unauthenticated Arbitrary Shortcode Execution
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-51625
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in edckwt Quran Shortcode quran-shortcode allows Blind SQL Injection.This issue affects Quran Shortcode: from n/a through = 1.5...
CVE-2024-51625 WordPress Quran Shortcode plugin <= 1.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in edckwt Quran Shortcode quran-shortcode allows Blind SQL Injection.This issue affects Quran Shortcode: from n/a through = 1.5...
CVE-2024-51625
CVE-2024-51625 is a WordPress plugin issue in Quran Shortcode (EDC Team) with an SQL injection vulnerability. Connected sources confirm: affected software is Quran Shortcode versions up to 1.5 (and earlier); root cause is improper neutralization of special elements in SQL commands, leading to bli...