8436 matches found
CVE-2026-3997
The CVE-2026-3997 entry describes a Stored Cross-Site Scripting vulnerability in the WordPress Text Toggle plugin (versions up to 1.1). The flaw is in avp_texttoggle_part_shortcode(): the ‘title’ shortcode attribute is taken from user input and concatenated into HTML output without escaping, both...
CVE-2026-3997
The Text Toggle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute of the ttpart and tt shortcodes in all versions up to and including 1.1. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes...
CVE-2026-3997 Text Toggle <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Shortcode Attribute
The Text Toggle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute of the ttpart and tt shortcodes in all versions up to and including 1.1. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes...
CVE-2026-3997 Text Toggle <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Shortcode Attribute
The Text Toggle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute of the ttpart and tt shortcodes in all versions up to and including 1.1. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes...
CVE-2026-3554 Sherk Custom Post Type Displays <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Shortcode Attribute
The Sherk Custom Post Type Displays plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute in all versions up to, and including, 1.2.1. This is due to insufficient input sanitization and output escaping on the 'title' attribute of the...
CVE-2026-3554
The Sherk Custom Post Type Displays plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute in all versions up to, and including, 1.2.1. This is due to insufficient input sanitization and output escaping on the 'title' attribute of the...
CVE-2026-3554 Sherk Custom Post Type Displays <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'title' Shortcode Attribute
The Sherk Custom Post Type Displays plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute in all versions up to, and including, 1.2.1. This is due to insufficient input sanitization and output escaping on the 'title' attribute of the...
CVE-2026-3554
The vulnerability affects the Sherk Custom Post Type Displays WordPress plugin (up to version 1.2.1). In sherkcptdisplays_func(), the title attribute of the sherkcptdisplays shortcode is read via shortcode_atts() and directly concatenated into an HTML without escaping, enabling Stored XSS. Explo...
CVE-2026-1275 Multi Post Carousel by Category <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'slides' Shortcode Attribute
The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...
CVE-2026-1275 Multi Post Carousel by Category <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'slides' Shortcode Attribute
The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...
CVE-2026-3617 Paypal Shortcodes <= 0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'amount' and 'name' Shortcode Attributes
The Paypal Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'amount' and 'name' shortcode attributes in all versions up to, and including, 0.3. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. The...
CVE-2026-3617
The Paypal Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'amount' and 'name' shortcode attributes in all versions up to, and including, 0.3. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. The...
CVE-2026-3619
The Sheets2Table WordPress plugin is affected by CVE-2026-3619 through the [sheets2table-render-table] shortcode; all versions up to 0.4.1 are vulnerable. The root cause is insufficient input sanitization and output escaping: the titles attribute value is passed through S2T_Functions::trim_array_...
CVE-2026-3619 Sheets2Table <= 0.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'titles' Shortcode Attribute
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute in the sheets2table-render-table shortcode in all versions up to and including 0.4.1. This is due to insufficient input sanitization and output escaping. Specifically, the...
CVE-2026-1899
Summary: The Any Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting (XSS) via the aps_slider shortcode, affecting all versions up to and including 1.0.4. The root cause is insufficient input sanitization and output escaping on the ‘post_type’ attribute. Impact: Authenti...
CVE-2026-1899 Any Post Slider <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'post_type' Shortcode Attribute
The Any Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's apsslider shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on the 'posttype' attribute. This makes it possible for authenticated...
CVE-2026-1899 Any Post Slider <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'post_type' Shortcode Attribute
The Any Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's apsslider shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on the 'posttype' attribute. This makes it possible for authenticated...
CVE-2026-1899
The Any Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's apsslider shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on the 'posttype' attribute. This makes it possible for authenticated...
CVE-2026-1806 Tour & Activity Operator Plugin for TourCMS <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The Tour & Activity Operator Plugin for TourCMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'target' parameter of the tourcmsdoclink shortcode in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possib...
CVE-2026-1806
The CVE-2026-1806 entry concerns the Tour & Activity Operator Plugin for TourCMS on WordPress. It describes a Stored Cross-Site Scripting vulnerability via the target parameter of the tourcms_doc_link shortcode, affecting all versions up to 1.7.0 due to insufficient input sanitization and output ...