3 matches found
CVE-2024-1808
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'suqrcode' shortcode in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-1808
CVE-2024-1808 affects the WordPress WP Shortcodes Plugin — Shortcodes Ultimate. It describes a Stored Cross-Site Scripting (XSS) in the plugin’s su_qrcode shortcode for all versions up to 7.0.3, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitatio...
WordPress Shortcodes Ultimate Plugin <= 7.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.0.3 Fixed in 7.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1808 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 79f47d814a15 Credits Webbernaut Required...