Jetpack < 13.4 - Contributor+ Stored Cross-Site Scripting via wpvideo Shortcode

Description The plugin did not properly escape some of its shortcode attributes, allowing users with at least the contributor role to conduct Stored XSS attacks. PoC wpvideo OcobLTqC freedom=true preloadContent='"src=x onerror=alertdocument.cookie xss'...

Jetpack < 13.4 - Contributor+ Stored Cross-Site Scripting via wpvideo Shortcode

Description The plugin did not properly escape some of its shortcode attributes, allowing users with at least the contributor role to conduct Stored XSS attacks. wpvideo OcobLTqC freedom=true preloadContent='"src=x onerror=alertdocument.cookie xss'...

PT-2024-30780

Name of the Vulnerable Software and Affected Versions Jetpack – WP Security, Backup, Speed, & Growth plugin for WordPress versions up to, and including, 13.3.1 Description The issue is related to Stored Cross-Site Scripting via the plugin's wpvideo shortcode due to insufficient input sanitization...

WordPress plugin Testimonial Slider 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Simple Basic Contact Form < 20240511 - Unauthenticated Arbitrary Shortcode Execution

Description The Simple Basic Contact Form plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 20240502. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on the...

CVE-2024-4039 Orders Tracking for WooCommerce <= 1.2.10 - Unauthenticated Arbitrary Shortcode Execution

The The Orders Tracking for WooCommerce plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.10. This is due to the plugin allowing users to execute an action that does not properly validate a value before running doshortcode...

CVE-2024-4039

CVE-2024-4039 affects Orders Tracking for WooCommerce (WordPress). Unauthenticated attackers can exploit arbitrary shortcode execution via an action that calls do_shortcode without proper validation, impacting all versions up to 1.2.10. A partial patch arrived in 1.2.10 and a full patch in 1.2.11...

CVE-2024-4039 Orders Tracking for WooCommerce <= 1.2.10 - Unauthenticated Arbitrary Shortcode Execution

The The Orders Tracking for WooCommerce plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.10. This is due to the plugin allowing users to execute an action that does not properly validate a value before running doshortcode...

WordPress Orders Tracking for WooCommerce plugin <= 1.2.10 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Orders Tracking for WooCommerce versions = 1.2.10...

PT-2024-28822 · WordPress · Orders Tracking For Woocommerce

Name of the Vulnerable Software and Affected Versions: The Orders Tracking for WooCommerce plugin for WordPress versions up to 1.2.10 Description: The issue allows unauthenticated attackers to execute arbitrary shortcodes due to the plugin not properly validating a value before running do...

CVE-2024-3808 Porto Theme - Functionality <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode

The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the 'portoportfolios' shortcode 'portfoliolayout' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions,...

CVE-2024-4038 Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution

The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.3.1. This is due to the plugin for WordPress allowing users to execute an action that does not proper...

CVE-2024-4038

The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro WordPress plugin is vulnerable to unauthenticated arbitrary shortcode execution in all versions up to 5.3.1. The issue arises because the plugin executes do_shortcode on a value without proper validation, enabling attackers to ...

CVE-2024-4038 Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution

The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.3.1. This is due to the plugin for WordPress allowing users to execute an action that does not proper...

CVE-2024-4411 Mihdan: Yandex Turbo Feed <= 1.6.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Mihdan: Yandex Turbo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.6.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVE-2024-4383 Simple Membership <= 4.4.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

The Simple Membership plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'swpmpaypalsubscriptioncancellink' shortcode in all versions up to, and including, 4.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

WordPress Porto Theme - Functionality plugin <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode/post meta vulnerability

WordPress Porto Theme - Functionality plugin = 3.1.0 - Authenticated Contributor+ Local File Inclusion via Shortcode/post meta vulnerability discovered by István Márton in WordPress Plugin Porto Theme - Functionality versions = 3.1.0...

PT-2024-28371 · WordPress · Swift Framework

Name of the Vulnerable Software and Affected Versions: Swift Framework plugin for WordPress versions prior to 2.7.32 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in several of the plugin's shortcodes, allowing authenticated...

PT-2024-30691 · WordPress · Simple Membership

Name of the Vulnerable Software and Affected Versions: Simple Membership plugin for WordPress versions up to, and including, 4.4.5 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the swpm paypal subscription cancel link...

PT-2024-30954 · Yandex · Yandex Turbo Feed Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Mihdan: Yandex Turbo Feed plugin for WordPress versions up to, and including, 1.6.5.1 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's shortcodes, allowing...