CVE-2026-24354

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Shortcodes & Performance penci-shortcodes allows DOM-Based XSS.This issue affects Penci Shortcodes & Performance: from n/a through = 6.1...

PT-2026-4250

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Shortcodes & Performance penci-shortcodes allows DOM-Based XSS.This issue affects Penci Shortcodes & Performance: from n/a through = 6.1...

WordPress plugin Penci Shortcodes & Performance – Cross-site scripting vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

EUVD-2025-30470

Malicious code in bioql PyPI...

CVE-2025-59587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Penci Shortcodes & Performance penci-shortcodes allows DOM-Based XSS.This issue affects Penci Shortcodes & Performance: from n/a through 6.1...

CVE-2025-59587

CVE-2025-59587 is a DOM-based XSS in the WordPress plugin Penci Shortcodes & Performance. The vulnerability requires authenticated access (Contributor+), affects versions before the fix, and has a CVSS v3.1 base score of 6.5 (Medium). Wordfence indicates the issue is addressed in a 6.1+ release, ...

PT-2025-39057

Name of the Vulnerable Software and Affected Versions PenciDesign Penci Shortcodes & Performance affected versions not specified Description The software contains a flaw related to improper input handling during web page creation, leading to a Cross-site Scripting issue. Specifically, this...