8 matches found
EUVD-2025-21844
Malicious code in bioql PyPI...
CVE-2025-7648
The Ruven Themes: Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ruvenbutton' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-7648
The Ruven Themes: Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ruvenbutton' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-7648
CVE-2025-7648 affects Ruven Themes: Shortcodes for WordPress. The stored XSS exists in the ruven_button shortcode in versions up to 1.0 due to insufficient input sanitization and output escaping. An authenticated attacker with contributor-level access can inject script that executes for users loa...
CVE-2025-7648 Ruven Themes: Shortcodes <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Ruven Themes: Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ruvenbutton' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-7648 Ruven Themes: Shortcodes <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Ruven Themes: Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ruvenbutton' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
PT-2025-29992 · WordPress · Shortcodes
Name of the Vulnerable Software and Affected Versions: Ruven Themes: Shortcodes plugin for WordPress versions prior to 1.0 Description: The plugin is susceptible to Stored Cross-Site Scripting through the ruven button shortcode due to inadequate input sanitization and output escaping of...
WordPress plugin Ruven Themes: Shortcodes 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...