Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:19 a.m.6 views

CVE-2024-2583

The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for users with the contributor role to conduct Stored XSS attacks...

5.4CVSS5.8AI score0.00403EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/04/15 12:0 a.m.8 views

WordPress Shortcodes Ultimate Plugin < 7.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions 7.0.5 Fixed in 7.0.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2583 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8059f6c5720a Credits Dmitrii Ignatyev...

5.4CVSS6AI score0.00403EPSS
Exploits2References4Affected Software1
NVD
NVD
added 2024/04/13 5:15 a.m.13 views

CVE-2024-2583

The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for users with the contributor role to conduct Stored XSS attacks...

5.4CVSS5.5AI score0.00403EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/04/13 5:0 a.m.37 views

CVE-2024-2583 Shortcodes Ultimate < 7.0.5 - Contributor+ Stored XSS

The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for users with the contributor role to conduct Stored XSS attacks...

5.7AI score0.00403EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/13 5:0 a.m.19 views

CVE-2024-2583 Shortcodes Ultimate < 7.0.5 - Contributor+ Stored XSS

The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.0.5 does not properly escape some of its shortcodes attributes before they are echoed back to users, making it possible for users with the contributor role to conduct Stored XSS attacks...

5.5AI score0.00403EPSS
Exploits2References1
CVE
CVE
added 2024/04/13 5:0 a.m.102 views

CVE-2024-2583

The CVE-2024-2583 entry concerns the WordPress plugin Shortcodes Ultimate (versions before 7.0.5). The vulnerability is a Stored XSS flaw caused by insufficient escaping of certain shortcode attributes before echoing back to users. Impactful for users with the Contributor role; requires user inte...

5.4CVSS5.7AI score0.00403EPSS
Exploits2References1Affected Software1
NVD
NVD
added 2024/04/09 7:15 p.m.14 views

CVE-2024-3512

Rejected reason: DUPLICATE Please use CVE-2024-2583 instead...

6.4AI score
Exploits1
Rows per page
Query Builder