Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8980 matches found

Cvelist
Cvelistadded 2025/08/14 6:21 p.m.13 views

CVE-2025-54746 WordPress Shortcode Redirect Plugin <= 1.0.02 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cartpauj Shortcode Redirect shortcode-redirect allows Stored XSS.This issue affects Shortcode Redirect: from n/a through = 1.0.02...

6.5CVSS0.00159EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/08/14 2:43 p.m.8 views

WordPress Shortcode Redirect Plugin <= 1.0.02 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Rooting in WordPress Plugin Shortcode Redirect versions = 1.0.02...

6.5CVSS6.1AI score0.00159EPSS
Exploits0Affected Software1
NVD
NVDadded 2025/08/14 11:15 a.m.1 views

CVE-2025-49051

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in biscia7 Hide Text Shortcode hide-text-shortcode allows Stored XSS.This issue affects Hide Text Shortcode: from n/a through = 1.1...

6.5CVSS0.00196EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/14 10:34 a.m.8 views

CVE-2025-39483 WordPress Eventer plugin < 3.9.9.1 - Content Injection vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in imithemes Eventer eventer allows Code Injection.This issue affects Eventer: from n/a through 3.9.9.1...

6.5CVSS0.00249EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/14 10:34 a.m.1 views

CVE-2025-39483 WordPress Eventer plugin < 3.9.9.1 - Content Injection vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in imithemes Eventer eventer allows Code Injection.This issue affects Eventer: from n/a through 3.9.9.1...

6.5CVSS4.6AI score0.00249EPSS
Exploits0References1
CVE
CVEadded 2025/08/14 10:34 a.m.12 views

CVE-2025-49051

CVE-2025-49051 (Hide Text Shortcode) affects the WordPress plugin Hide Text Shortcode, version ranges up to and including 1.1. The vulnerability is a stored XSS caused by improper input neutralization during web page generation. Public sources (NVD/Red Hat/patch coverage) corroborate a stored XSS...

6.5CVSS5.9AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/14 10:34 a.m.8 views

CVE-2025-49051 WordPress Hide Text Shortcode plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in biscia7 Hide Text Shortcode hide-text-shortcode allows Stored XSS.This issue affects Hide Text Shortcode: from n/a through = 1.1...

6.5CVSS0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/14 10:34 a.m.1 views

CVE-2025-49051 WordPress Hide Text Shortcode plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in biscia7 Hide Text Shortcode allows Stored XSS. This issue affects Hide Text Shortcode: from n/a through 1.1...

6.5CVSS6.9AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/08/14 3:22 a.m.10 views

CVE-2025-8685

The Wp chart generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpchart shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS6AI score0.00232EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/08/14 12:0 a.m.1 views

WordPress plugin Shortcode Redirect 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.5CVSS5.9AI score0.00159EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/08/14 12:0 a.m.2 views

WordPress plugin Hide Text Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

6.5CVSS5.7AI score0.00196EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/08/14 12:0 a.m.2 views

PT-2025-33182 · WordPress · Biscia7 Hide Text Shortcode

Name of the Vulnerable Software and Affected Versions: biscia7 Hide Text Shortcode versions through 1.1 Description: Improper neutralization of input during web page generation allows for stored cross-site scripting XSS. Recommendations: Update biscia7 Hide Text Shortcode to a version later than...

6.5CVSS5.7AI score0.00196EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/08/14 12:0 a.m.8 views

PT-2025-33393 · Unknown · Cartpauj Shortcode Redirect

Name of the Vulnerable Software and Affected Versions: cartpauj Shortcode Redirect versions n/a through 1.0.02 Description: Improper neutralization of input during web page generation allows for Stored Cross-site Scripting XSS. This issue impacts the Shortcode Redirect component. Recommendations:...

6.5CVSS6AI score0.00159EPSS
Exploits0References4
Patchstack
Patchstackadded 2025/08/13 1:49 p.m.4 views

WordPress Hide Text Shortcode plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin Hide Text Shortcode versions = 1.1...

6.5CVSS5.9AI score0.00196EPSS
Exploits0Affected Software1
NVD
NVDadded 2025/08/12 3:15 a.m.3 views

CVE-2025-8685

The Wp chart generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpchart shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00232EPSS
Exploits0References3
NVD
NVDadded 2025/08/12 3:15 a.m.2 views

CVE-2025-8688

The Inline Stock Quotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00232EPSS
Exploits0References3
CVE
CVEadded 2025/08/12 2:24 a.m.24 views

CVE-2025-8688

CVE-2025-8688 : The WordPress plugin Inline Stock Quotes (versions

6.4CVSS5.9AI score0.00232EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/08/12 2:24 a.m.1 views

CVE-2025-8688 Inline Stock Quotes <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock Shortcode

The Inline Stock Quotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.9AI score0.00232EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/08/12 2:24 a.m.6 views

CVE-2025-8688 Inline Stock Quotes <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock Shortcode

The Inline Stock Quotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00232EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/08/12 2:24 a.m.2 views

CVE-2025-8685 Wp chart generator <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpchart Shortcode

The Wp chart generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpchart shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5.9AI score0.00232EPSS
Exploits0References3
Rows per page
Query Builder