8961 matches found
CVE-2026-4248
The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the 'usermeta:passwordresetlink' template tag being processed within post content via the 'umloggedin' shortcode, which generates a valid password...
CVE-2026-4248
The CVE-2026-4248 entry concerns the Ultimate Member WordPress plugin with a vulnerability in versions up to 2.11.2. The issue arises because the '{usermeta:password_reset_link}' template tag is processed inside post content via the [um_loggedin] shortcode, generating a valid password reset token...
CVE-2026-4248 Ultimate Member <= 2.11.2 - Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag
The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the 'usermeta:passwordresetlink' template tag being processed within post content via the 'umloggedin' shortcode, which generates a valid password...
CVE-2026-4248 Ultimate Member <= 2.11.2 - Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag
The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the 'usermeta:passwordresetlink' template tag being processed within post content via the 'umloggedin' shortcode, which generates a valid password...
WordPress Simple Download Counter plugin <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'text' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'text' Shortcode Attribute vulnerability discovered by zaim in WordPress Plugin Simple Download Counter versions = 2.3...
CVE-2026-4278
The Simple Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sdcmenu' shortcode in all versions up to, and including, 2.3. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes, specifically the 'text' an...
CVE-2026-4075
The BWL Advanced FAQ Manager Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bafsbox' shortcode in all versions up to and including 1.1.1. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'sboxid',...
PT-2026-28639
Name of the Vulnerable Software and Affected Versions Ultimate Member plugin for WordPress versions through 2.11.2 Description The Ultimate Member plugin for WordPress is susceptible to Sensitive Information Exposure. The issue stems from the 'usermeta:password reset link' template tag being...
CVE-2026-31916
Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through = 14.2.1...
CVE-2026-3617
The Paypal Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'amount' and 'name' shortcode attributes in all versions up to, and including, 0.3. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes. The...
CVE-2026-3619
The Sheets2Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titles' shortcode attribute in the sheets2table-render-table shortcode in all versions up to and including 0.4.1. This is due to insufficient input sanitization and output escaping. Specifically, the...
CVE-2026-3554
The Sherk Custom Post Type Displays plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute in all versions up to, and including, 1.2.1. This is due to insufficient input sanitization and output escaping on the 'title' attribute of the...
CVE-2026-3475
The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...
CVE-2026-3996
The WP Games Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the game shortcode in all versions up to and including 0.1beta. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'width', 'height', 'src',...
CVE-2026-3333
The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'linkgate' shortcode in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2026-1093
The WPFAQBlock– FAQ & Accordion Plugin For Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter of the 'wpfaqblock' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied...
CVE-2026-1822
The WP NG Weather plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ng-weather' shortcode in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2026-1851
The iVysilani Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'width' shortcode attribute in all versions up to, and including, 3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2026-1891
The Simple Football Scoreboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ytmrfbscoreboard' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2026-1899
The Any Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's apsslider shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on the 'posttype' attribute. This makes it possible for authenticated...