7 matches found
CVE-2024-2583
The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for users with the contributor role to conduct Stored XSS attacks...
WordPress Shortcodes Ultimate Plugin < 7.0.5 is vulnerable to Cross Site Scripting (XSS)
Software Shortcodes Ultimate Type Plugin Vulnerable versions 7.0.5 Fixed in 7.0.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2583 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8059f6c5720a Credits Dmitrii Ignatyev...
CVE-2024-2583
The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for users with the contributor role to conduct Stored XSS attacks...
CVE-2024-2583 Shortcodes Ultimate < 7.0.5 - Contributor+ Stored XSS
The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for users with the contributor role to conduct Stored XSS attacks...
CVE-2024-2583 Shortcodes Ultimate < 7.0.5 - Contributor+ Stored XSS
The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for users with the contributor role to conduct Stored XSS attacks...
CVE-2024-2583
The CVE-2024-2583 entry concerns the WordPress plugin Shortcodes Ultimate (versions before 7.0.5). The vulnerability is a Stored XSS flaw caused by insufficient escaping of certain shortcode attributes before echoing back to users. Impactful for users with the Contributor role; requires user inte...
CVE-2024-3512
Rejected reason: DUPLICATE Please use CVE-2024-2583 instead...