CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

9 matches found

RedhatCVE•added 2026/06/05 7:32 p.m.•8 views

CVE-2026-6256

The Credits Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the 'credits' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.7AI score0.00187EPSS

Exploits0References1

EUVD•added 2026/05/12 9:31 a.m.•5 views

EUVD-2026-29403

The Credits Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the 'credits' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6AI score0.00187EPSS

Exploits0References4

NVD•added 2026/05/12 9:16 a.m.•7 views

CVE-2026-6256

The Credits Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the 'credits' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00187EPSS

Exploits0References3

CVE•added 2026/05/12 7:48 a.m.•10 views

CVE-2026-6256

CVE-2026-6256 affects the WordPress plugin Credits Shortcode (versions

6.4CVSS6AI score0.00187EPSS

Exploits0References3

ATTACKERKB•added 2026/05/12 7:48 a.m.•5 views

CVE-2026-6256

The Credits Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the 'credits' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6AI score0.00187EPSS

Exploits0References4

Vulnrichment•added 2026/05/12 7:48 a.m.•4 views

CVE-2026-6256 Credits Shortcode <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'link' Shortcode Attribute

The Credits Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the 'credits' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6AI score0.00187EPSS

Exploits0References3

Cvelist•added 2026/05/12 7:48 a.m.•35 views

CVE-2026-6256 Credits Shortcode <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'link' Shortcode Attribute

The Credits Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the 'credits' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00187EPSS

Exploits0References3

Positive Technologies•added 2026/05/12 12:0 a.m.•8 views

PT-2026-39958

The Credits Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the 'credits' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS6AI score0.00187EPSS

Exploits0References4

Patchstack•added 2026/05/11 7:2 p.m.•4 views

WordPress Credits Shortcode plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by MAJidox in WordPress Plugin Credits Shortcode versions = 1.2...

6.4CVSS5.8AI score0.00187EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by