ShortCode Addons - Unauthenticated Options Update

WordPress plugin Shortcode Addons = 3.0.2 contains an unauthenticated arbitrary option update caused by insufficient access controls in the plugin, letting attackers modify options without authentication. id: CVE-2022-34487 info: name: ShortCode Addons - Unauthenticated Options Update author:...

EUVD-2022-37442

Malicious code in bioql PyPI...

EUVD-2022-37006

Malicious code in bioql PyPI...

EUVD-2024-36444

Malicious code in bioql PyPI...

CVE-2024-37121

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...

CVE-2024-31114

Unrestricted Upload of File with Dangerous Type vulnerability in biplob018 Shortcode Addons.This issue affects Shortcode Addons: from n/a through 3.2.5...

CVE-2024-37121

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...

CVE-2024-37121

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...

CVE-2024-37121 WordPress Shortcode Addons plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...

CVE-2024-37121

CVE-2024-37121 is a Stored XSS vulnerability in WordPress plugin Shortcode Addons (biplob018 Shortcode Addons) affecting versions up to 3.2.5. The issue is described as Improper Neutralization of Input During Web Page Generation. Public details in connected sources confirm the vulnerability vecto...

CVE-2024-37121 WordPress Shortcode Addons plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in biplob018 Shortcode Addons allows Stored XSS.This issue affects Shortcode Addons: from n/a through 3.2.5...

PT-2024-27317 · Unknown · Biplob018 Shortcode Addons

Name of the Vulnerable Software and Affected Versions: biplob018 Shortcode Addons versions 3.2.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...

WordPress Shortcode Addons plugin <= 3.2.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jean Tirstan T Patchstack Alliance in WordPress Plugin Shortcode Addons versions = 3.2.5...

WordPress Shortcode Addons Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Shortcode Addons Type Plugin Vulnerable versions = 3.2.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37121 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID eac9b5d824f4 Credits Jean Tirstan T Required privilege...

WordPress Shortcode Addons plugin <= 3.2.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by NinTechNet in WordPress Plugin Shortcode Addons versions = 3.2.5...

Shortcode Addons <= 3.2.5 - Authenticated (Admin+) Arbitrary File Upload

Description The Shortcode Addons- with Visual Composer, Divi, Beaver Builder and Elementor Extension plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 3.2.5. This makes it possible for authenticated attackers, wi...

CVE-2024-31114 WordPress Shortcode Addons <= 3.2.5 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in biplob018 Shortcode Addons.This issue affects Shortcode Addons: from n/a through 3.2.5...

CVE-2024-31114 WordPress Shortcode Addons <= 3.2.5 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in biplob018 Shortcode Addons.This issue affects Shortcode Addons: from n/a through 3.2.5...

CVE-2024-31114

CVE-2024-31114 concerns the WordPress plugin group “Shortcode Addons” (Shortcode Addons: from n/a through 3.2.5). The connected exploit document confirms concrete technical details: an authenticated attacker with administrator-level access can abuse a missing file-type validation to perform an ar...

PT-2024-23784 · Unknown · Shortcode Addons

Name of the Vulnerable Software and Affected Versions: Shortcode Addons versions 3.2.5 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability in biplob018 Shortcode Addons. Recommendations: For versions 3.2.5 and earlier, update to a...