CVE-2025-58609

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Stored XSS.This issue affects Latest Post Shortcode: from n/a through = 14.0.3...

WordPress Latest Post Shortcode Plugin <= 14.0.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by 63n0 in WordPress Plugin Latest Post Shortcode versions = 14.0.3...

CVE-2025-58609 WordPress Latest Post Shortcode Plugin <= 14.0.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Stored XSS.This issue affects Latest Post Shortcode: from n/a through = 14.0.3...

CVE-2025-58609

CVE-2025-58609 affects the WordPress plugin Latest Post Shortcode (versions up to 14.0.3). The issue is a Stored XSS caused by improper input neutralization during web page generation. Exploitation could occur via the plugin’s shortcode rendering, leading to script execution in affected sites. Th...

CVE-2025-58609 WordPress Latest Post Shortcode Plugin <= 14.0.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Stored XSS.This issue affects Latest Post Shortcode: from n/a through = 14.0.3...

WordPress plugin Latest Post Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2025-35743

Name of the Vulnerable Software and Affected Versions: Latest Post Shortcode versions through 14.0.3 Description: The Latest Post Shortcode contains a flaw due to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. Recommendations: Update...

CVE-2025-22276

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in enguerranws Related Post Shortcode related-post-shortcode allows Stored XSS.This issue affects Related Post Shortcode: from n/a through = 1.2...

CVE-2024-56021

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ibnuyahya Category Post Shortcode category-post-shortcode allows Stored XSS.This issue affects Category Post Shortcode: from n/a through = 2.4...

CVE-2025-22276

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in enguerranws Related Post Shortcode related-post-shortcode allows Stored XSS.This issue affects Related Post Shortcode: from n/a through = 1.2...

CVE-2025-22276

CVE-2025-22276 is a stored XSS vulnerability in the WordPress Related Post Shortcode plugin. Affected: Related Post Shortcode (versions up to 1.2, n/a through 1.2). Root cause: improper neutralization of input during web page generation. Impact: stored cross-site scripting vulnerability with low–...

WordPress Related Post Shortcode Plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Ngoc Duy Patchstack Alliance in WordPress Plugin Related Post Shortcode versions = 1.2...

CVE-2024-56021

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ibnuyahya Category Post Shortcode category-post-shortcode allows Stored XSS.This issue affects Category Post Shortcode: from n/a through = 2.4...

WordPress plugin Category Post Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

CVE-2024-56021 WordPress Category Post Shortcode Plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ibnuyahya Category Post Shortcode allows Stored XSS.This issue affects Category Post Shortcode: from n/a through 2.4...

CVE-2024-56021 WordPress Category Post Shortcode Plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ibnuyahya Category Post Shortcode category-post-shortcode allows Stored XSS.This issue affects Category Post Shortcode: from n/a through = 2.4...

WordPress Category Post Shortcode Plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin Category Post Shortcode versions = 2.4...

PT-2024-17247 · WordPress · Post Carousel & Slider

Name of the Vulnerable Software and Affected Versions: The Post Carousel & Slider plugin for WordPress versions up to, and including, 1.0.4 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'post-cs' shortcode due to insufficient input sanitization and output...

PT-2024-17595 · WordPress · Post To Pdf

Name of the Vulnerable Software and Affected Versions: Post to Pdf plugin for WordPress versions up to, and including, 1.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'gmptp single post' shortcode due to insufficient input sanitization and output escaping on...

CVE-2023-3051

The Page Builder by AZEXO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'azhpost' shortcode in versions up to, and including, 1.27.133 due to insufficient input sanitization and output escaping. This makes it possible for contributor-level attackers to inject arbitrary web...