10 matches found
EUVD-2026-24692
The Text Snippets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ts shortcode in all versions up to, and including, 0.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2026-5748
The Text Snippets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ts shortcode in all versions up to, and including, 0.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2026-5748 Text Snippets <= 0.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'w' Shortcode Attribute
The Text Snippets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ts shortcode in all versions up to, and including, 0.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2026-5748
The Text Snippets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ts shortcode in all versions up to, and including, 0.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2026-5748
CVE-2026-5748 describes a Stored Cross-Site Scripting vulnerability in the Text Snippets WordPress plugin (versions up to 0.0.1) where the ts shortcode attribute is not properly sanitized/escaped. Authenticated attackers with contributor-level access can inject scripts into pages, which execute f...
CVE-2026-5748 Text Snippets <= 0.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'w' Shortcode Attribute
The Text Snippets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ts shortcode in all versions up to, and including, 0.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
PT-2026-34302
Name of the Vulnerable Software and Affected Versions Text Snippets versions prior to 0.0.2 Description The Text Snippets plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs due to insufficient input sanitization and output escaping on user supplied attributes within th...
WordPress plugin Text Snippets 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
EUVD-2026-22750
Docmost is open-source collaborative wiki and documentation software. An authorization bypass vulnerability in versions 0.70.0 through 0.70.2 exposes restricted child page titles and text snippets through the public search endpoint POST /api/search/share-search for publicly shared content. This...
CVE-2026-33146
Docmost is open-source collaborative wiki and documentation software. An authorization bypass vulnerability in versions 0.70.0 through 0.70.2 exposes restricted child page titles and text snippets through the public search endpoint POST /api/search/share-search for publicly shared content. This...