CVE-2026-0913 User Submitted Posts <= 20260110 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'usp_access' Shortcode

The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'uspaccess' shortcode in all versions up to, and including, 20260110 due to insufficient input sanitization and output escaping on user...

PT-2026-3236

The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'usp access' shortcode in all versions up to, and including, 20260110 due to insufficient input sanitization and output escaping on user...

WordPress User Submitted Posts plugin <= 20260110 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'usp_access' Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'uspaccess' Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin User Submitted Posts versions = 20260110...

EUVD-2023-29683

Malicious code in bioql PyPI...

CVE-2024-9051 WP Ultimate Post Grid <= 3.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpupg-grid-with-filters Shortcode

The WP Ultimate Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpupg-grid-with-filters shortcode in all versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...

CVE-2023-25786

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Thom Stark Eyes Only: User Access Shortcode plugin = 1.8.2 versions...

CVE-2023-25786

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Thom Stark Eyes Only: User Access Shortcode plugin = 1.8.2 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Thom Stark Eyes Only: User Access Shortcode plugin = 1.8.2 versions...

CVE-2023-25786 WordPress Eyes Only: User Access Shortcode Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Thom Stark Eyes Only: User Access Shortcode plugin = 1.8.2 versions...

CVE-2023-25786

The CVE-2023-25786 issue affects the WordPress plugin Eyes Only: User Access Shortcode (Thom Stark Eyes Only) version 1.8.2 and earlier. The root cause is a Stored Cross-Site Scripting (XSS) vulnerability that requires admin+ privileges to exploit, with an impact limited to confidentiality and in...

WordPress plugin Eyes Only: User Access Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

WordPress Eyes Only: User Access Shortcode Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Eyes Only: User Access Shortcode Type Plugin Vulnerable versions = 1.8.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25786 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a492ed1c72d5 Credits Rio...