PT-2024-33251 · WordPress · Qi Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to, and including, 1.7.2 Description: The issue allows authenticated attackers with Contributor-level access and above to include remote files on the server, resulting in code execution...

WordPress Easy Social Like Box plugin <= 4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin Easy Social Like Box – Popup – Sidebar Widget versions = 4.0...

CVE-2024-5536

The GamiPress – Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's gamipresslink shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-4939

The Weaver Xtreme Theme Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's div shortcode in all versions up to, and including, 6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

WordPress LifterLMS plugin <= 7.6.2 - Authenticated (Contributor+) SQL Injection via Shortcode vulnerability

Authenticated Contributor+ SQL Injection via Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin LifterLMS versions = 7.6.2...

Album and Image Gallery plus Lightbox < 2.1 - Unauthenticated Arbitrary Shortcode Execution

Description The The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...

Colibri Page Builder < 1.0.277 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.0.276 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

PT-2024-35734 · WordPress · Simple Image Popup Shortcode

Name of the Vulnerable Software and Affected Versions: The Simple Image Popup Shortcode plugin for WordPress versions up to, and including, 1.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'sips popup' shortcode due to insufficient input sanitization and outpu...

PT-2024-32374 · WordPress · Testimonials Widget

Name of the Vulnerable Software and Affected Versions: Testimonials Widget plugin for WordPress versions up to, and including, 4.0.4 Description: The issue is related to Stored Cross-Site Scripting via the plugin's testimonials shortcode due to insufficient input sanitization and output escaping ...

PT-2024-29648 · WordPress · Album/Image Gallery Plus Lightbox

Name of the Vulnerable Software and Affected Versions: The Album and Image Gallery plus Lightbox plugin for WordPress versions up to, and including, 2.0 Description: The issue is related to arbitrary shortcode execution. This is due to the software allowing users to execute an action that does no...

Frontend Checklist <= 2.3.2 - Admin+ Stored XSS via Items

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC 1. Add a checklist and for an item...

PT-2024-35136 · WordPress · The Easy Social Like Box – Popup – Sidebar Widget

Name of the Vulnerable Software and Affected Versions: The Easy Social Like Box – Popup – Sidebar Widget plugin for WordPress versions up to, and including, 4.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'cardoza facebook like box' shortcode due to...

Frontend Checklist <= 2.3.2 - Admin+ Stored XSS via Items

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Add a checklist and for an item,...

CVE-2024-5485

The SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Trigger Link shortcode in all versions up to, and including, 1.0.47 due to insufficient input sanitization and output escaping on user...

WordPress SureTriggers plugin <= 1.0.47 - Authenticated (Contributor+) Stored Cross-Site Scripting via Trigger Link Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Trigger Link Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin OttoKit versions = 1.0.47...

WordPress tagDiv Composer plugin <= 4.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via button Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via button Shortcode vulnerability discovered by Truoc Phan in WordPress Plugin tagDiv Composer versions = 4.8...

WordPress Content Blocks (Custom Post Widget) plugin <= 3.3.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode vulnerability

Authenticated Contributor+ Local File Inclusion via Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin Content Blocks Custom Post Widget versions = 3.3.0...

CVE-2024-3565

The Content Blocks Custom Post Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'contentblock' shortcode in all versions up to, and including, 3.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-4711

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ajaxloadmore shortcode in versions up to, and including, 7.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

PT-2024-14942 · WordPress · The Master Slider

Name of the Vulnerable Software and Affected Versions: The Master Slider – Responsive Touch Slider plugin for WordPress versions up to, and including, 3.9.9 Description: The issue arises from insufficient input sanitization and output escaping on the user-supplied css class attribute in the...