11 matches found
CVE-2024-13557
CVE-2024-13557 affects the Shortcodes by United Themes plugin for WordPress. All versions up to 5.1.6 are vulnerable to unauthenticated arbitrary shortcode execution because do_shortcode can be invoked without proper input validation. The impact is ability to execute arbitrary shortcodes, with no...
WordPress Shortcodes by United Themes plugin <= 5.1.6 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by mikemyers in WordPress Plugin Shortcodes by United Themes versions = 5.1.6...
WordPress plugin Shortcodes by United Themes 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A code injection vulnerability exists in WordPress plugin...
CVE-2024-37097
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5...
CVE-2024-37097
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5...
CVE-2024-37097 WordPress Shortcodes by United Themes plugin < 5.0.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5...
CVE-2024-37097 WordPress Shortcodes by United Themes plugin < 5.0.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5...
CVE-2024-37097
CVE-2024-37097: Reflected XSS in Shortcodes by United Themes (WordPress plugin). Affected: Shortcodes by United Themes
PT-2024-27295 · Unitedthemes · Shortcodes
Name of the Vulnerable Software and Affected Versions: Shortcodes by United Themes versions prior to 5.0.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For...
WordPress Shortcodes by United Themes plugin < 5.0.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Shortcodes by United Themes versions 5.0.5...
WordPress Shortcodes by United Themes Plugin < 5.0.5 is vulnerable to Cross Site Scripting (XSS)
Software Shortcodes by United Themes Type Plugin Vulnerable versions 5.0.5 Fixed in 5.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37097 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6a3726b5a722 Credits Rafie Muhammad...