4 matches found
CVE-2025-14109
The AH Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'column' shortcode attribute in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...
CVE-2025-14109 AH Shortcodes <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'column' Shortcode Attribute
The AH Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'column' shortcode attribute in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...
PT-2026-1619
Name of the Vulnerable Software and Affected Versions AH Shortcodes plugin for WordPress versions prior to 1.0.3 Description The AH Shortcodes plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'column' shortcode attribute. Insufficient input sanitization and output...
WordPress AH Shortcodes plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'column' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'column' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin AH Shortcodes versions = 1.0.2...