WordPress Orders Tracking for WooCommerce plugin <= 1.2.10 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Orders Tracking for WooCommerce versions = 1.2.10...

PT-2024-28822 · WordPress · Orders Tracking For Woocommerce

Name of the Vulnerable Software and Affected Versions: The Orders Tracking for WooCommerce plugin for WordPress versions up to 1.2.10 Description: The issue allows unauthenticated attackers to execute arbitrary shortcodes due to the plugin not properly validating a value before running do...

CVE-2024-3808 Porto Theme - Functionality <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode

The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the 'portoportfolios' shortcode 'portfoliolayout' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions,...

CVE-2024-4038 Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution

The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.3.1. This is due to the plugin for WordPress allowing users to execute an action that does not proper...

CVE-2024-4038

The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro WordPress plugin is vulnerable to unauthenticated arbitrary shortcode execution in all versions up to 5.3.1. The issue arises because the plugin executes do_shortcode on a value without proper validation, enabling attackers to ...

CVE-2024-4038 Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution

The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.3.1. This is due to the plugin for WordPress allowing users to execute an action that does not proper...

CVE-2024-4411 Mihdan: Yandex Turbo Feed <= 1.6.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Mihdan: Yandex Turbo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.6.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2024-4383 Simple Membership <= 4.4.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpmpaypalsubscriptioncancellink' shortcode in all versions up to, and including, 4.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

WordPress Porto Theme - Functionality plugin <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode/post meta vulnerability

WordPress Porto Theme - Functionality plugin = 3.1.0 - Authenticated Contributor+ Local File Inclusion via Shortcode/post meta vulnerability discovered by István Márton in WordPress Plugin Porto Theme - Functionality versions = 3.1.0...

PT-2024-30691 · WordPress · Simple Membership

Name of the Vulnerable Software and Affected Versions: Simple Membership plugin for WordPress versions up to, and including, 4.4.5 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the swpm paypal subscription cancel link...

PT-2024-28371 · WordPress · Swift Framework

Name of the Vulnerable Software and Affected Versions: Swift Framework plugin for WordPress versions prior to 2.7.32 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in several of the plugin's shortcodes, allowing authenticated...

PT-2024-30954 · Yandex · Yandex Turbo Feed Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Mihdan: Yandex Turbo Feed plugin for WordPress versions up to, and including, 1.6.5.1 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's shortcodes, allowing...

WordPress Themify Shortcodes plugin <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via themify_button Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via themifybutton Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Themify Shortcodes versions = 2.0.9...

CVE-2024-4135 WP Latest Posts <= 5.0.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.7. This is due to the plugin allowing users to execute an action that does not properly validate a user-supplied value prior to using that value in a call to...

CVE-2024-4135

CVE-2024-4135 affects the WP Latest Posts WordPress plugin, vulnerable in all versions up to 5.0.7. Unauthenticated attackers can trigger arbitrary shortcodes due to unvalidated user input used by do_shortcode. CVSS v3.1 base score 5.4 (Medium). A patched version exists; remediation is to update ...

WordPress WP Latest Posts plugin <= 5.0.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability

Authenticated Subscriber+ Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin WP Latest Posts versions = 5.0.7...

WordPress Link Library plugin <= 7.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via link-library Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via link-library Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin Link Library versions = 7.6.11...

WordPress Back In Stock Notifier for WooCommerce plugin <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Back In Stock Notifier for WooCommerce versions = 5.3.1...

PT-2024-26260 · WordPress · Mesmerize Companion

Name of the Vulnerable Software and Affected Versions: Mesmerize Companion plugin for WordPress versions up to, and including, 1.6.148 Description: The issue is related to Stored Cross-Site Scripting via the plugin's mesmerize contact form shortcode due to insufficient input sanitization and outp...

PT-2024-30173 · WordPress · Link Library

Name of the Vulnerable Software and Affected Versions: Link Library plugin for WordPress versions up to, and including, 7.6.11 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'link-library' shortcode due to insufficient input sanitization and output escaping on...