Lucene search
K

11 matches found

CVE
CVE
added 2025/03/29 7:3 a.m.57 views

CVE-2024-13557

CVE-2024-13557 affects the Shortcodes by United Themes plugin for WordPress. All versions up to 5.1.6 are vulnerable to unauthenticated arbitrary shortcode execution because do_shortcode can be invoked without proper input validation. The impact is ability to execute arbitrary shortcodes, with no...

6.5CVSS7.8AI score0.00313EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/03/29 12:5 a.m.4 views

WordPress Shortcodes by United Themes plugin <= 5.1.6 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by mikemyers in WordPress Plugin Shortcodes by United Themes versions = 5.1.6...

6.5CVSS7.1AI score0.00313EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/03/29 12:0 a.m.4 views

WordPress plugin Shortcodes by United Themes 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A code injection vulnerability exists in WordPress plugin...

6.5CVSS9.1AI score0.00313EPSS
Exploits0References3
NVD
NVD
added 2024/07/22 10:15 a.m.17 views

CVE-2024-37097

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5...

7.1CVSS0.00288EPSS
Exploits0References1
OSV
OSV
added 2024/07/22 10:15 a.m.2 views

CVE-2024-37097

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5...

6.1CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/22 10:0 a.m.13 views

CVE-2024-37097 WordPress Shortcodes by United Themes plugin < 5.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5...

7.1CVSS7AI score0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/22 10:0 a.m.19 views

CVE-2024-37097 WordPress Shortcodes by United Themes plugin < 5.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5...

7.1CVSS0.00288EPSS
Exploits0References1
CVE
CVE
added 2024/07/22 10:0 a.m.45 views

CVE-2024-37097

CVE-2024-37097: Reflected XSS in Shortcodes by United Themes (WordPress plugin). Affected: Shortcodes by United Themes

7.1CVSS7AI score0.00288EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.5 views

PT-2024-27295 · Unitedthemes · Shortcodes

Name of the Vulnerable Software and Affected Versions: Shortcodes by United Themes versions prior to 5.0.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: For...

7.1CVSS6.8AI score0.00288EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/06/20 8:31 a.m.4 views

WordPress Shortcodes by United Themes plugin < 5.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Shortcodes by United Themes versions 5.0.5...

7.1CVSS6.1AI score0.00288EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/06/20 12:0 a.m.8 views

WordPress Shortcodes by United Themes Plugin < 5.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes by United Themes Type Plugin Vulnerable versions 5.0.5 Fixed in 5.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37097 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6a3726b5a722 Credits Rafie Muhammad...

7.1CVSS6.6AI score0.00288EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder