3 matches found
CVE-2023-6488
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subutton', 'sumembers', and 'sutabs' shortcodes in all versions up to, and including, 7.0.0 due to insufficient input sanitization and output escaping on user supplie...
CVE-2023-6488
CVE-2023-6488 concerns the WP Shortcodes Plugin — Shortcodes Ultimate for WordPress. The issue is a stored cross-site scripting (XSS) vulnerability in the plugin’s shortcodes (su_button, su_members, su_tabs) present in all versions up to 7.0.0. The root cause is insufficient input sanitization an...
WordPress Shortcodes Ultimate Plugin <= 7.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.0.0 Fixed in 7.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6488 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3b6d59c7090f Credits Webbernaut Required...