Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:20 a.m.7 views

CVE-2024-3188

The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

6.3CVSS5.8AI score0.00438EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/26 5:0 a.m.17 views

CVE-2024-3188 Shortcodes Ultimate < 7.1.0 - Contributor+ Stored XSS

The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

5.8AI score0.00438EPSS
Exploits2References1
CVE
CVE
added 2024/04/26 5:0 a.m.80 views

CVE-2024-3188

CVE-2024-3188 affects the WordPress plugin Shortcodes Ultimate (Shortcodes Plugin) up to version 7.0.x (pre-7.1.0). The issue is a lack of validation/escaping of certain shortcode attributes, which are output back into the page/post containing the shortcode. This can enable Stored Cross-Site Scri...

6.3CVSS8AI score0.00438EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/04/26 5:0 a.m.20 views

CVE-2024-3188 Shortcodes Ultimate < 7.1.0 - Contributor+ Stored XSS

The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored...

5.7AI score0.00438EPSS
Exploits2References1
Rows per page
Query Builder