Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-25698

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00222EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/08/25 5:32 a.m.3 views

CVE-2025-7957

The ShortcodeHub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘authorlinktarget’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...

6.4CVSS6AI score0.00222EPSS
Exploits0References1
NVD
NVD
added 2025/08/23 5:15 a.m.4 views

CVE-2025-7957

The ShortcodeHub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘authorlinktarget’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...

6.4CVSS0.00222EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/23 4:25 a.m.2 views

CVE-2025-7957 ShortcodeHub <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via author_link_target Parameter

The ShortcodeHub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘authorlinktarget’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-leve...

6.4CVSS5.9AI score0.00222EPSS
Exploits0References3
CVE
CVE
added 2025/08/23 4:25 a.m.23 views

CVE-2025-7957

The CVE-2025-7957 entry concerns the WordPress ShortcodeHub plugin (MultiPurpose Shortcode Builder). It is a Stored Cross-Site Scripting (XSS) vulnerability via the author_link_target parameter in all versions up to 1.7.1, allowing authenticated attackers with Contributor+ privileges to inject sc...

6.4CVSS5.7AI score0.00222EPSS
Exploits0References3
Rows per page
Query Builder