Carousel Slider < 2.2.7 - Editor+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Add a new slider at "Carousel Slide...

Meta Box < 5.9.4 - Contributor+ Arbitrary Posts' Custom Field Disclosure

Description The plugin does not prevent users with at least the contributor role from access arbitrary custom fields assigned to other user's posts. 1. ADMIN: Install Meta Box 2. ADMIN: Add Meta Box fields through code or the premium add-on...

Media Library Assistant < 3.14 - Authenticated (Contributor+) SQL Injection via Shortcode

Description The Media Library Assistant plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcodes in all versions up to, and including, 3.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...

WooCommerce < 8.6 - Contributor+ Private/Draft Products Access

Description The plugin does not prevent users with at least the contributor role from leaking products they shouldn't have access to. e.g. private, draft and trashed products 1. ADMIN: Install WooCommerce 2. ADMIN: Add products of various visibility and statuses including Publish, Draft, Private,...

PT-2024-19638 · WordPress · Easy Textillate

Name of the Vulnerable Software and Affected Versions: Easy Textillate plugin for WordPress versions up to, and including, 2.01 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's textillate shortcode. This allows...

Testimonial Slider < 2.3.8 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup 1. Go to "Testimonial Shortcode" 2. Ad...

WordPress Plugin LiquidPoll 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2024-1450

The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.10 due to insufficient input sanitization and output escaping on user supplied attributes such as 'align'. This makes it possible fo...

CVE-2024-0966

The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes like 'infotext'. This makes it possible for...

CVE-2023-6500

The Shariff Wrapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shariff' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on user supplied attributes such as 'secondarycolor' and 'maincolor'...

WordPress Plugin Shariff Wrapper 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2024-1799

The GamiPress – The 1 gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to SQL Injection via the 'achievementtypes' attribute of the gamipressearnings shortcode in all versions up to, and including, 6.8.6 due to insufficient escapin...

CVE-2024-2460

The GamiPress – Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gamipressbutton' shortcode in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

Popup Maker – Popup for opt-ins, lead gen, & more < 1.18.3 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

Builder for WooCommerce reviews shortcodes – ReviewShort < 1.01.4 - Cross-Site Request Forgery

Description The Builder for WooCommerce reviews shortcodes – ReviewShort plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.01.3. This is due to missing or incorrect nonce validation on the wprshrtcdredirect function. This makes it possible for...

PT-2024-19643 · WordPress · Animated Headline

Name of the Vulnerable Software and Affected Versions: Animated Headline plugin for WordPress versions up to, and including, 4.0 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the 'animated-headline' shortcode. This allows...

Sitekit < 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Sitekit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attacker...

PT-2024-20471 · WordPress · Ux Flat

Name of the Vulnerable Software and Affected Versions: UX Flat plugin for WordPress versions up to, and including, 4.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'button' shortcode due to insufficient input sanitization and output escaping on user-supplied...

CVE-2024-1401

The Profile Box Shortcode And Widget WordPress plugin before 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2024-1401

CVE-2024-1401 affects Profile Box Shortcode And Widget for WordPress, prior to version 1.2.1. Root cause: settings are not sanitized/escaped, enabling Stored XSS for admin-level users (and higher) even when unfiltered_html is disallowed (e.g., multisite). Impact: Stored XSS could compromise site ...