PT-2024-34768 · Unknown · Edc Team Quran Shortcode

Name of the Vulnerable Software and Affected Versions: EDC Team Quran Shortcode versions 1.5 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically an Improper Neutralization of Special Elements used in an SQL Command. This allows for Blind SQL Injection,...

WordPress plugin The FOX 代码注入漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Give is a fundraising platform plugin used in it.WordPress plugin is an application...

WordPress Postcasa Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Postcasa Shortcode versions = 1.0...

WordPress Testimonial Slider Shortcode plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Testimonial Slider Shortcode versions = 1.1.9...

WordPress Embed documents shortcode plugin <= 1.5 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Embed documents shortcode versions = 1.5...

WordPress Semantic Shortcode plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Semantic Shortcode versions = 1.0.1...

WordPress Geoportail Shortcode plugin <= 2.4.4 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Geoportail Shortcode versions = 2.4.4...

WordPress Shortcode Collection plugin <= 1.4 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Shortcode Collection versions = 1.4...

WordPress Image Carousel Shortcode plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Image Carousel Shortcode versions = 1.2...

WordPress Boombox Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Boombox Shortcode versions = 1.0.0...

WordPress Add Ribbon Shortcode plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Add Ribbon Shortcode versions = 1.0.1...

WordPress Moka Get Posts Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Moka Get Posts Shortcode versions = 1.0...

CVE-2024-10187

The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mycredlink shortcode in all version...

WordPress Semantic Shortcode Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Semantic Shortcode Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51898 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3185742b0c99 Credits SOPROBRO Required privilege Contribut...

WordPress Geoportail Shortcode Plugin <= 2.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Geoportail Shortcode Type Plugin Vulnerable versions = 2.4.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51890 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a1d7a21babab Credits SOPROBRO Required privilege...

WordPress Shortcode Collection Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Software Shortcode Collection Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51864 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a79b02ce6496 Credits SOPROBRO Required privilege Contribut...

WordPress Postcasa Shortcode Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Postcasa Shortcode Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52352 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 44c29bb28d2e Credits SOPROBRO Required privilege Contributor...

WordPress Boombox Shortcode Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Boombox Shortcode Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51827 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d4ad6509bc56 Credits SOPROBRO Required privilege Contributo...

WordPress Moka Get Posts Shortcode Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Moka Get Posts Shortcode Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51804 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e6ae6cd5a20b Credits SOPROBRO Required privilege...

PT-2024-16443 · WordPress · Content Slider Block

Name of the Vulnerable Software and Affected Versions: Content Slider Block plugin for WordPress versions prior to 3.1.6 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from password protected, private, or draft posts via the csb...