9 matches found
CVE-2026-8897
The Shortcode Buddy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 0.1.9.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acces...
CVE-2026-8897
The Shortcode Buddy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 0.1.9.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acces...
CVE-2026-8897
Shortcode Buddy for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in versions ≤ 0.1.9.5 due to insufficient input sanitization and output escaping. Authenticated attackers with contributor-level access and above can inject arbitrary scripts on pages, which execut...
CVE-2026-8897 Shortcode Buddy <= 0.1.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The Shortcode Buddy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 0.1.9.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acces...
EUVD-2026-32064
The Shortcode Buddy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 0.1.9.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acces...
PT-2026-43529
The Shortcode Buddy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 0.1.9.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level acces...
WordPress plugin Shortcode Buddy 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Shortcode Buddy plugin <= 0.1.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Shortcode Buddy versions = 0.1.9.5...
PT-2024-22747 · Unknown · Jose Mortellaro Specific Content For Mobile – Customize The Mobile Version Without Redirections
Name of the Vulnerable Software and Affected Versions: Jose Mortellaro Specific Content For Mobile – Customize the mobile version without redirections versions 0.1.9.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as...