8436 matches found
CVE-2026-1854
CVE-2026-1854 concerns the WordPress Post Flagger plugin. A stored XSS vulnerability exists via the plugin’s 'flag' shortcode attribute in all versions up to and including 1.1 due to insufficient input sanitization and output escaping. The issue can be chained by an authenticated attacker with co...
CVE-2026-1854 Post Flagger <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'slug' Shortcode Attribute
The Post Flagger plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'flag' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...
CVE-2026-4086
The CVE concerns the WP Random Button WordPress plugin (versions up to 1.0). It is vulnerable to Stored Cross-Site Scripting via the wp_random_button shortcode attributes cat, nocat, and text. The root cause is insufficient input sanitization and output escaping: the random_button_html() function...
CVE-2026-4086 WP Random Button <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'cat' Shortcode Attribute
The WP Random Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cat', 'nocat', and 'text' shortcode attributes of the 'wprandombutton' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on...
PT-2026-26867
The Text Toggle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute of the tt part and tt shortcodes in all versions up to and including 1.1. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes...
PT-2026-26875
The WP Random Button plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cat', 'nocat', and 'text' shortcode attributes of the 'wp random button' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on...
PT-2026-26861
The Paypal Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'amount' and 'name' shortcode attributes in all versions up to, and including, 0.3. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. The swer...
PT-2026-26820
The Go Night Pro | WordPress Dark Mode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'go-night-pro-shortcode' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on the user-supplied 'margin'...
PT-2026-26870
The Ad Short plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ad' shortcode's 'client' attribute in all versions up to and including 2.0.1. This is due to insufficient input sanitization and output escaping on the 'client' shortcode attribute. The ad func shortcode handl...
PT-2026-26859
Name of the Vulnerable Software and Affected Versions Sherk Custom Post Type Displays plugin for WordPress versions up to and including 1.2.1 Description The Sherk Custom Post Type Displays plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'title' shortcode attribute...
PT-2026-26803
The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...
PT-2026-26826
The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fusedesk newcase shortcode in all versions up to, and including, 6.8 due to insufficient input sanitization and output escaping on the 'emailtext' attribute. This makes it possible for authenticated...
PT-2026-26823
The Any Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aps slider shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on the 'post type' attribute. This makes it possible for authenticated...
PT-2026-26821
The Outgrow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the 'outgrow' shortcode in all versions up to, and including, 2.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
PT-2026-26862
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute in the sheets2table-render-table shortcode in all versions up to and including 0.4.1. This is due to insufficient input sanitization and output escaping. Specifically, the...
WordPress plugin Go Night Pro | WordPress Dark Mode Plugin 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-26818
The iVysilani Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'width' shortcode attribute in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-4083
The CVE concerns the WordPress plugin Scoreboard for HTML5 Games Lite (up to version 1.2). The root cause is in the shortcode handling function sfhg_shortcode(), which allows arbitrary HTML attributes to be added to the rendered despite a small blacklist, because escaping is insufficient for eve...
AVideo has Reflected XSS via unlockPassword Parameter in forbiddenPage.php and warningPage.php
Summary The view/forbiddenPage.php and view/warningPage.php templates reflect the $REQUEST'unlockPassword' parameter directly into an HTML tag's attributes without any output encoding or sanitization. An attacker can craft a URL that breaks out of the value attribute and injects arbitrary HTML...
SUSE-SU-2026:20761-1 Security update for python-tornado6
This update for python-tornado6 fixes the following issues: - CVE-2026-31958: parsing large multipart bodies with many parts can cause a denial of service bsc1259553. - incomplete validation of cookie attributes allows for injection of user-controlled values in other cookie attributes bsc1259630...