WordPress plugin Shortcodes Ultimate 跨站脚本漏洞

WordPress Shortcodes Ultimate plugin is a plugin for WordPress that provides a rich set of visual component features that allow users to insert a wide range of pre-defined shortcodes such as buttons, accordions, image rotations, etc. into post editors, text widgets, or template files, helping to...

WordPress Shortcodes Ultimate Plugin <= 7.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.2.2 Fixed in 7.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8500 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7fd442dd2a35 Credits Webbernaut Required...

WordPress Shortcodes Ultimate Pro Plugin < 7.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Pro Type Plugin Vulnerable versions 7.1.5 Fixed in 7.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4217 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b6182f916e0f Credits Dmitrii Ignatyev...

WordPress Shortcodes Ultimate Plugin <= 7.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.1.6 Fixed in 7.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4821 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7c78a726473d Credits Richard Telleng...

WordPress Shortcodes Ultimate Plugin <= 7.1.5 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.1.5 Fixed in 7.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4553 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b7f8c1d5e896 Credits wesley wcraft Requir...

WordPress Shortcodes Ultimate Plugin < 7.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions 7.1.2 Fixed in 7.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3548 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8f430cc886fe Credits Dmitrii Ignatyev...

WordPress Shortcodes Ultimate Plugin <= 7.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.1.2 Fixed in 7.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3550 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 38b246791023 Credits stealthcopter Requir...

WordPress Shortcodes Ultimate Plugin < 7.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions 7.1.0 Fixed in 7.1.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3188 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1a5b1c96fbcf Credits Dmitrii Ignatyev...

WordPress Shortcodes Ultimate Plugin < 7.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions 7.0.5 Fixed in 7.0.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2583 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8059f6c5720a Credits Dmitrii Ignatyev...

WordPress Shortcodes Ultimate Plugin <= 7.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.0.2 Fixed in 7.0.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1510 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 83c77f226026 Credits Richard Telleng...

WordPress Shortcodes Ultimate Plugin <= 7.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.0.1 Fixed in 7.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0792 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 60b85feef073 Credits Webbernaut Required...

WordPress Shortcodes Ultimate Plugin <= 7.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.0.0 Fixed in 7.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6488 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3b6d59c7090f Credits Webbernaut Required...

WordPress Shortcodes Ultimate Plugin <= 5.13.3 is vulnerable to Insecure Direct Object References (IDOR)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.13.3 Fixed in 7.0.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-6226 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7b259d4a9888 Credits Francesc...

WordPress Shortcodes Ultimate Plugin <= 5.13.3 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.13.3 Fixed in 7.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6225 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f77e11ca5365 Credits Francesco Carlucci...

CVE-2023-23800 WordPress Shortcodes Ultimate Plugin <= 5.12.6 is vulnerable to Server Side Request Forgery (SSRF)

Server-Side Request Forgery SSRF vulnerability in Vova Anokhin WP Shortcodes Plugin — Shortcodes Ultimate.This issue affects WP Shortcodes Plugin — Shortcodes Ultimate: from n/a through 5.12.6...

CVE-2023-0890 Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access

The WordPress Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 5.12.8 does not ensure that posts to be displayed via some shortcodes are already public and can be accessed by the user making the request, allowing any authenticated users such as subscriber to view draft, private or...

WordPress Shortcodes Ultimate Plugin < 5.12.8 is vulnerable to Sensitive Data Exposure

Software Shortcodes Ultimate Type Plugin Vulnerable versions 5.12.8 Fixed in 5.12.8 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0911 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 466e8901614e Credits Erwan LR WPScan Requir...

WordPress Shortcodes Ultimate Plugin <= 5.12.6 is vulnerable to Arbitrary File Download

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.12.6 Fixed in 5.12.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Arbitrary File Download CVE CVE-2023-25050 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 547ac1ab598f Credits Rafie Muhammad...

WordPress Shortcodes Ultimate Plugin <= 5.12.6 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.12.6 Fixed in 5.12.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25040 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7acc7c74ae4b Credits Rafie Muhammad...

WordPress Shortcodes Ultimate Plugin Directory Traversal Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites on PHP and MySQL servers.Shortcodes Ultimate is one of the buttons to add plug-ins. A directory traversal vulnerability exists in WordPress...