Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8967 matches found

Cvelist
Cvelistadded 2025/01/16 8:7 p.m.13 views

CVE-2025-23791 WordPress Horizontal Line Shortcode Plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mikakaltoft Horizontal Line Shortcode horizontal-line-shortcode allows Stored XSS.This issue affects Horizontal Line Shortcode: from n/a through = 1.0...

6.5CVSS0.00354EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/01/16 8:6 p.m.13 views

CVE-2025-23618 WordPress Twitter Shortcode plugin <= 0.9 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in starise Twitter Shortcode twitter-shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through = 0.9...

7.1CVSS0.00184EPSS
Exploits0References1
CVE
CVEadded 2025/01/16 8:6 p.m.47 views

CVE-2025-23618

CVE-2025-23618 is a Cross-Site Request Forgery (CSRF) vulnerability in the Twitter Shortcode plugin by Andrea Brandi that enables Stored XSS. The affected product is Twitter Shortcode from an unspecified start version up to 0.9. The Red Hat CVE entry confirms the CSRF-to-Stored XSS behavior, but ...

7.1CVSS7.2AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/01/16 8:6 p.m.13 views

CVE-2025-23569 WordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kelvin Ng Shortcode in Comment shortcode-in-comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through = 1.1.1...

7.1CVSS0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/01/16 8:6 p.m.4 views

CVE-2025-23569 WordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Kelvin Ng Shortcode in Comment allows Stored XSS.This issue affects Shortcode in Comment: from n/a through 1.1.1...

7.1CVSS7AI score0.00184EPSS
Exploits0References1
CVE
CVEadded 2025/01/16 8:6 p.m.44 views

CVE-2025-23569

CVE-2025-23569 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “Shortcode in Comment” by Kelvin Ng, which allows Stored XSS. The vulnerability affects the Shortcode in Comment plugin version range up to 1.1.1 (inclusive). The hosted CVE details also cite a CVSS...

7.1CVSS7.2AI score0.00184EPSS
Exploits0References1
Patchstack
Patchstackadded 2025/01/16 6:43 p.m.3 views

WordPress Enhanced YouTube Shortcode plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Enhanced YouTube Shortcode versions = 2.0.1...

6.5CVSS6.1AI score0.0022EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/01/16 6:43 p.m.3 views

WordPress PDF.js Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin PDF.js Shortcode versions = 1.0...

6.5CVSS6.1AI score0.0022EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/01/16 6:42 p.m.2 views

WordPress Mindmeister Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Mindmeister Shortcode versions = 1.0...

6.5CVSS6.1AI score0.00357EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/01/16 6:42 p.m.4 views

WordPress GMap Shortcode plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin GMap Shortcode versions = 2.0...

6.5CVSS6.1AI score0.00357EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/01/16 6:42 p.m.2 views

WordPress Easy Shortcode Buttons plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Easy Shortcode Buttons versions = 1.2...

6.5CVSS6.1AI score0.00272EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/01/16 6:42 p.m.2 views

WordPress Horizontal Line Shortcode Plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Horizontal Line Shortcode versions = 1.0...

6.5CVSS5.8AI score0.00354EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/01/16 6:41 p.m.4 views

WordPress Sidebar-Content from Shortcode plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Sidebar-Content from Shortcode versions = 2.0...

6.5CVSS6.1AI score0.00334EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/01/16 6:41 p.m.3 views

WordPress Twitter Shortcode plugin <= 0.9 - CSRF to Stored Cross-Site Scripting vulnerability

CSRF to Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Twitter Shortcode versions = 0.9...

7.1CVSS5.8AI score0.00184EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/01/16 6:41 p.m.2 views

WordPress Shortcode in Comment plugin <= 1.1.1 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Shortcode in Comment versions = 1.1.1...

7.1CVSS6.2AI score0.00184EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2025/01/16 6:41 p.m.2 views

WordPress Simple shortcode buttons plugin <= 1.3.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Simple shortcode buttons versions = 1.3.2...

7.1CVSS6.1AI score0.00382EPSS
Exploits0Affected Software1
NVD
NVDadded 2025/01/16 2:15 a.m.4 views

CVE-2024-10970

The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.43. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...

5.4CVSS0.00323EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/01/16 1:49 a.m.8 views

CVE-2024-10970 Motors – Car Dealer, Classifieds & Listing <= 1.4.43 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom Title

The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.43. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...

5.4CVSS7.3AI score0.00323EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/01/16 1:49 a.m.15 views

CVE-2024-10970 Motors – Car Dealer, Classifieds & Listing <= 1.4.43 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom Title

The The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.43. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...

5.4CVSS0.00323EPSS
Exploits0References2
CVE
CVEadded 2025/01/16 1:49 a.m.48 views

CVE-2024-10970

CVE-2024-10970 (The Motors – Car Dealer, Classifieds & Listing plugin for WordPress) is exposed in all versions up to 1.4.43. The root cause is that the plugin allows a value to be passed into do_shortcode without proper validation, enabling an authenticated attacker (Subscriber+ level) to execut...

5.4CVSS5.8AI score0.00323EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder