CVE-2023-51373

CVE-2023-51373 refers to a Reflected XSS in the Google Photos Gallery with Shortcodes WordPress plugin (affected up to 4.0.2). The root cause is improper neutralization of input during web page generation. Impact could be browser-executed payloads if exploited. Remediation: upgrade to 4.0.2 (or l...

WordPress Plugin Google Photos Gallery with Shortcodes Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Google Photos Gallery with Shortcodes Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Google Photos Gallery with Shortcodes Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51373 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 67df1357fab0 Credits Le Ngoc An...

CVE-2023-49773

Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23...

CVE-2023-49773

Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23...

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23...

CVE-2023-49773 WordPress BCorp Shortcodes Plugin <= 0.23 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23...

CVE-2023-49773

CVE-2023-49773 affects BCorp Shortcodes WordPress plugin

WordPress Plugin BCorp Shortcodes Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

PT-2023-31343 · Unknown · Bcorp Shortcodes

Name of the Vulnerable Software and Affected Versions: BCorp Shortcodes versions 0.23 and earlier Description: The issue is related to the deserialization of untrusted data. This can potentially lead to security risks, as deserializing untrusted data can allow an attacker to execute malicious cod...

CVE-2023-6488

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subutton', 'sumembers', and 'sutabs' shortcodes in all versions up to, and including, 7.0.0 due to insufficient input sanitization and output escaping on user supplie...

CVE-2023-6488

CVE-2023-6488 concerns the WP Shortcodes Plugin — Shortcodes Ultimate for WordPress. The issue is a stored cross-site scripting (XSS) vulnerability in the plugin’s shortcodes (su_button, su_members, su_tabs) present in all versions up to 7.0.0. The root cause is insufficient input sanitization an...

CVE-2023-6488 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subutton', 'sumembers', and 'sutabs' shortcodes in all versions up to, and including, 7.0.0 due to insufficient input sanitization and output escaping on user supplie...

WP Shortcodes Plugin — Shortcodes Ultimate < 7.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subutton', 'sumembers', and 'sutabs' shortcodes in all versions up to, and including, 7.0.0 due to insufficient input sanitization and output escaping on...

WordPress Shortcodes Ultimate Plugin <= 7.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.0.0 Fixed in 7.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6488 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3b6d59c7090f Credits Webbernaut Required...

WordPress Plugin WP Shortcodes Plugin Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2023-50368

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Averta Shortcodes and extra features for Phlox theme allows Stored XSS.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.15.2...

CVE-2023-50368

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Averta Shortcodes and extra features for Phlox theme allows Stored XSS.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.15.2...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Averta Shortcodes and extra features for Phlox theme allows Stored XSS.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.15.2...

CVE-2023-50368

CVE-2023-50368 affects the WordPress plugin Shortcodes and extra features for Phlox theme (Averta Shortcodes) up to version 2.15.2. The issue is an improper neutralization of user input during web page generation, enabling Stored XSS. Public records from multiple sources confirm the vulnerability...