WordPress Shortcodes and Extra Features for Phlox <2.9.8 - Cross-Site Scripting

WordPress Shortcodes and extra features plugin for the Phlox theme before 2.9.8 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the response. An attacker can inject arbitrary script in the browser of an unsuspecting...

CVE-2025-69016

Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.15...

CVE-2025-69016 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.15...

PT-2025-53897

Name of the Vulnerable Software and Affected Versions averta Shortcodes and extra features for Phlox theme auxin-elements versions through 2.17.12 Description An authorization issue exists in averta Shortcodes and extra features for Phlox theme auxin-elements, allowing exploitation due to...

CVE-2025-63071

Insertion of Sensitive Information Into Sent Data vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Retrieve Embedded Sensitive Data.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.15...

CVE-2025-63071 WordPress Shortcodes and extra features for Phlox theme plugin <= 2.17.15 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Retrieve Embedded Sensitive Data.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.15...

PT-2025-50071

Insertion of Sensitive Information Into Sent Data vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Retrieve Embedded Sensitive Data.This issue affects Shortcodes and extra features for Phlox theme: from n/a through = 2.17.12...

CVE-2024-31099

Missing Authorization vulnerability in Averta Shortcodes and extra features for Phlox theme auxin-elements.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.15.7...

CVE-2024-31099 WordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Averta Shortcodes and extra features for Phlox theme auxin-elements.This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.15.7...