PT-2025-17945 · WordPress · Smart Form Plugin

Name of the Vulnerable Software and Affected Versions: Create custom forms for WordPress with a smart form plugin for smart businesses versions 1.2.4 and earlier Description: The issue allows unauthenticated attackers to execute arbitrary shortcodes due to the software not properly validating a...

PT-2025-17956 · Unknown · Anps Theme

Name of the Vulnerable Software and Affected Versions: The Anps Theme plugin versions up to, and including, 1.1.1 Description: The issue is related to arbitrary shortcode execution due to the software allowing users to execute an action that does not properly validate a value before running do...

CVE-2025-39432

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in antonchanning bbPress2 shortcode whitelist bbpress2-shortcode-whitelist allows Stored XSS.This issue affects bbPress2 shortcode whitelist: from n/a through = 2.2.1...

WordPress Flickr Shortcode Importer plugin <= 2.2.3 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Ngo Bui Truong Vu in WordPress Plugin Flickr Shortcode Importer versions = 2.2.3...

WordPress BeerXML Shortcode plugin <= 0.7.1 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery SSRF Vulnerability discovered by ch4r0n in WordPress Plugin BeerXML Shortcode versions = 0.7.1...

WordPress GNA Search Shortcode plugin <= 0.9.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by johska in WordPress Plugin GNA Search Shortcode versions = 0.9.5...

CVE-2025-46540

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris Mok GNA Search Shortcode gna-search-shortcode allows Stored XSS.This issue affects GNA Search Shortcode: from n/a through = 0.9.5...

CVE-2025-46511

Server-Side Request Forgery SSRF vulnerability in Derek Springer BeerXML Shortcode beerxml-shortcode allows Server Side Request Forgery.This issue affects BeerXML Shortcode: from n/a through = 0.7.1...

CVE-2025-46481

Deserialization of Untrusted Data vulnerability in Michael Cannon Flickr Shortcode Importer flickr-shortcode-importer allows Object Injection.This issue affects Flickr Shortcode Importer: from n/a through = 2.2.3...

CVE-2025-46481 WordPress Flickr Shortcode Importer <= 2.2.3 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Michael Cannon Flickr Shortcode Importer allows Object Injection. This issue affects Flickr Shortcode Importer: from n/a through 2.2.3...

CVE-2025-46481 WordPress Flickr Shortcode Importer plugin <= 2.2.3 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in Michael Cannon Flickr Shortcode Importer flickr-shortcode-importer allows Object Injection.This issue affects Flickr Shortcode Importer: from n/a through = 2.2.3...

CVE-2025-46481

CVE-2025-46481 describes a Deserialization of Untrusted Data vulnerability in WordPress Flickr Shortcode Importer (

CVE-2025-46511 WordPress BeerXML Shortcode <= 0.71 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in Derek Springer BeerXML Shortcode allows Server Side Request Forgery. This issue affects BeerXML Shortcode: from n/a through 0.71...

CVE-2025-46511 WordPress BeerXML Shortcode plugin <= 0.7.1 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in Derek Springer BeerXML Shortcode beerxml-shortcode allows Server Side Request Forgery.This issue affects BeerXML Shortcode: from n/a through = 0.7.1...

CVE-2025-46511

CVE-2025-46511 corresponds to a SSRF vulnerability in the WordPress BeerXML Shortcode plugin (versions

CVE-2025-46540 WordPress GNA Search Shortcode plugin <= 0.9.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris Mok GNA Search Shortcode gna-search-shortcode allows Stored XSS.This issue affects GNA Search Shortcode: from n/a through = 0.9.5...

CVE-2025-46540 WordPress GNA Search Shortcode plugin <= 0.9.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chris Mok GNA Search Shortcode gna-search-shortcode allows Stored XSS.This issue affects GNA Search Shortcode: from n/a through = 0.9.5...

CVE-2025-46540

CVE-2025-46540 affects the WordPress plugin GNA Search Shortcode (versions up to and including 0.9.5). It is a stored XSS due to improper neutralization of input during web page generation. CVSS 3.1 base metrics: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L (base score 6.5, MEDIUM). There is no exploitati...

WordPress plugin Flickr Shortcode Importer 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code issue vulnerability...

WordPress plugin GNA Search Shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...