CVE-2025-58022 WordPress ShortCode Plugin <= 0.8.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in maxpagels ShortCode shortcode allows Stored XSS.This issue affects ShortCode: from n/a through = 0.8.1...

CVE-2025-58021 WordPress List Child Pages Shortcode Plugin <= 1.3.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in douglaskarr List Child Pages Shortcode list-child-pages-shortcode allows Stored XSS.This issue affects List Child Pages Shortcode: from n/a through = 1.3.1...

CVE-2025-58021 WordPress List Child Pages Shortcode Plugin <= 1.3.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in douglaskarr List Child Pages Shortcode list-child-pages-shortcode allows Stored XSS.This issue affects List Child Pages Shortcode: from n/a through = 1.3.1...

CVE-2025-58653 WordPress JSM file_get_contents() Shortcode Plugin <= 2.7.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JS Morisset JSM filegetcontents Shortcode wp-file-get-contents allows Stored XSS.This issue affects JSM filegetcontents Shortcode: from n/a through = 2.7.1...

CVE-2025-58653 WordPress JSM file_get_contents() Shortcode Plugin <= 2.7.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in JS Morisset JSM filegetcontents Shortcode wp-file-get-contents allows Stored XSS.This issue affects JSM filegetcontents Shortcode: from n/a through = 2.7.1...

CVE-2025-58653

CVE-2025-58653 affects the WordPress plugin JSM file_get_contents Shortcode (JSM file_get_contents() Shortcode). Description indicates improper input neutralization leading to a Stored XSS within the shortcode, with affected versions from unknown earlier than or equal to 2.7.1. Connected document...

CVE-2025-58683

The Connected documents provide concrete details for CVE-2025-58683: Affected software is the Last Updated Shortcode WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin component responsible for “Last Updated Shortcode.” The issue arises from improper neutrali...

CVE-2025-58683 WordPress Last Updated Shortcode Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luke Mlsna Last Updated Shortcode last-updated-shortcode allows Stored XSS.This issue affects Last Updated Shortcode: from n/a through = 1.0.1...

CVE-2025-58683 WordPress Last Updated Shortcode Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Luke Mlsna Last Updated Shortcode last-updated-shortcode allows Stored XSS.This issue affects Last Updated Shortcode: from n/a through = 1.0.1...

CVE-2025-10181

The Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'drafts' shortcode in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

WordPress plugin ShortCode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-38872

Name of the Vulnerable Software and Affected Versions maxpagels ShortCode versions through 0.8.1 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Cross-site Scripting issue. This allows for Stored XSS attacks. The issue...

PT-2025-38871

Name of the Vulnerable Software and Affected Versions douglaskarr List Child Pages Shortcode versions through 1.3.1 Description The software contains a flaw due to improper handling of input during the creation of web pages, specifically a Cross-site Scripting issue. This allows for Stored XSS,...

WordPress plugin WordPress Widgets Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin JSM file_get_contents Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that provides the ability to host a personal blog site on a PHP and MySQL based server. A cross-site scripting...

PT-2025-38971

Name of the Vulnerable Software and Affected Versions Last Updated Shortcode versions through 1.0.1 Description The Last Updated Shortcode software contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting XSS. This means that...

PT-2025-38839

Name of the Vulnerable Software and Affected Versions Brajesh Singh WordPress Widgets Shortcode versions through 1.0.3 Description The software contains a flaw due to improper handling of input during the creation of web pages, specifically a Stored Cross-site Scripting issue. This allows for the...

WordPress plugin Last Updated Shortcode Cross-site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...

PT-2025-38942

Name of the Vulnerable Software and Affected Versions JS Morisset JSM file get contents Shortcode versions through 2.7.1 Description A flaw exists in JS Morisset JSM file get contents Shortcode that allows for Stored Cross-site Scripting XSS. This issue is due to improper neutralization of input...

CVE-2025-10181

The Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'drafts' shortcode in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...