WordPress Shortcodes Finder Plugin <= 1.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Finder Type Plugin Vulnerable versions = 1.5.3 Fixed in 1.5.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47695 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cce9a201a0da Credits thiennv Require...

CVE-2023-47231

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bainternet ShortCodes UI plugin = 1.9.8 versions...

CVE-2023-47231

A vulnerability in Bainternet ShortCodes UI shortcodes-ui.This issue affects ShortCodes UI: from n/a through = 1.9.8...

CVE-2023-47231

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bainternet ShortCodes UI plugin = 1.9.8 versions...

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bainternet ShortCodes UI plugin = 1.9.8 versions...

CVE-2023-47231 WordPress ShortCodes UI Plugin <= 1.9.8 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Bainternet ShortCodes UI plugin = 1.9.8 versions...

CVE-2023-47231

CVE-2023-47231 affects Bainternet ShortCodes UI plugin on WordPress (versions

WordPress Plugin shortcodes-ui Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

PT-2023-30378 · WordPress · Bainternet Shortcodes Ui

Name of the Vulnerable Software and Affected Versions: Bainternet ShortCodes UI plugin versions 1.9.8 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. It affects users with contributor or higher permissions. There is no information provided about t...

Mmm Simple File List <= 2.3 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks As a contributor, put the below...

WordPress ShortCodes UI Plugin <= 1.9.8 is vulnerable to Cross Site Scripting (XSS)

Software ShortCodes UI Type Plugin Vulnerable versions = 1.9.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47231 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1d2b471bd5be Credits Abdi Pranata Required...

Simple Shortcodes <= 1.0.20 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not sufficiently sanitize input or escape output on user-supplied attributes, resulting in a potential for Stored Cross-Site Scripting via shortcodes. This flaw makes it possible for users with contributor-level permissions or higher to inject arbitrary web scripts int...

CVE-2023-5237

The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVE-2023-5237 Memberlite Shortcodes < 1.3.9 - Contributor+ Stored XSS via Shortcode

The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVE-2023-5237

The CVE covers the WordPress plugin Memberlite Shortcodes (pre-1.3.9). Root cause: the plugin does not validate or escape some shortcode attributes before output, enabling Stored XSS. Impact: could be used by a low-privilege user (as low as contributor) to target higher-privilege users (e.g., adm...

WordPress Memberlite Shortcodes Plugin < 1.3.9 is vulnerable to Cross Site Scripting (XSS)

Software Memberlite Shortcodes Type Plugin Vulnerable versions 1.3.9 Fixed in 1.3.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5237 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ce33c2810ef4 Credits Dmitrii Ignatyev...

WordPress Plugin Memberlite Shortcodes Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2023-31965 · WordPress · Memberlite Shortcodes

Name of the Vulnerable Software and Affected Versions: Memberlite Shortcodes WordPress plugin versions prior to 1.3.9 Description: The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admi...

CVE-2023-5566

The Simple Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.0.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

CVE-2023-5566

The Simple Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.0.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...