4 matches found
CVE-2024-9696
The Rescue Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rescuetab' shortcode in all versions up to, and including, 2.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-11199
CVE-2024-11199 — Rescue Shortcodes (WordPress) stored XSS . Affects Rescue Shortcodes plugin for WordPress, versions up to and including 2.9. Vulnerability arises from insufficient input sanitization and output escaping in the rescue_progressbar shortcode attributes, enabling authenticated attack...
CVE-2023-41728
CVE-2023-41728: WordPress Rescue Shortcodes plugin
WordPress Rescue Shortcodes Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS)
Software Rescue Shortcodes Type Plugin Vulnerable versions = 2.5 Fixed in 2.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41728 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e35ae9ed3dd7 Credits yuyudhn Required privileg...