WordPress Themify Shortcodes plugin <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via themify_button Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via themifybutton Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Themify Shortcodes versions = 2.0.9...

CVE-2024-4135

CVE-2024-4135 affects the WP Latest Posts WordPress plugin, vulnerable in all versions up to 5.0.7. Unauthenticated attackers can trigger arbitrary shortcodes due to unvalidated user input used by do_shortcode. CVSS v3.1 base score 5.4 (Medium). A patched version exists; remediation is to update ...

CVE-2024-4135 WP Latest Posts <= 5.0.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.7. This is due to the plugin allowing users to execute an action that does not properly validate a user-supplied value prior to using that value in a call to...

WordPress WP Latest Posts plugin <= 5.0.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability

Authenticated Subscriber+ Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin WP Latest Posts versions = 5.0.7...

WordPress Link Library plugin <= 7.6.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via link-library Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via link-library Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin Link Library versions = 7.6.11...

WordPress Back In Stock Notifier for WooCommerce plugin <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Plugin Back In Stock Notifier for WooCommerce versions = 5.3.1...

PT-2024-30173 · WordPress · Link Library

Name of the Vulnerable Software and Affected Versions: Link Library plugin for WordPress versions up to, and including, 7.6.11 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'link-library' shortcode due to insufficient input sanitization and output escaping on...

PT-2024-26260 · WordPress · Mesmerize Companion

Name of the Vulnerable Software and Affected Versions: Mesmerize Companion plugin for WordPress versions up to, and including, 1.6.148 Description: The issue is related to Stored Cross-Site Scripting via the plugin's mesmerize contact form shortcode due to insufficient input sanitization and outp...

WordPress Meta Data and Taxonomies Filter (MDTF) < 1.3.3.3 - Unauthenticated Arbitrary Shortcode Execution

Description The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.2. This is due to the software allowing users to execute an action that does not properly validate a value before running...

Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro < 5.3.2 - Unauthenticated Arbitrary Shortcode Execution

Description The The Back In Stock Notifier for WooCommerce | WooCommerce Waitlist Pro plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.3.1. This is due to the plugin for WordPress allowing users to execute an action that doe...

WP Latest Posts < 5.0.8 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

Description The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.7. This is due to the plugin allowing users to execute an action that does not properly validate a user-supplied value prior to using that value in a call ...

WordPress Mihdan: Yandex Turbo Feed plugin <= 1.6.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Mihdan: Yandex Turbo Feed versions = 1.6.5.1...

WordPress Simple Membership plugin <= 4.4.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by wesley wcraft in WordPress Plugin Simple Membership versions = 4.4.5...

CVE-2024-3240

CVE-2024-3240 affects the ConvertPlug (ConvertPlus) WordPress plugin up to version 3.5.25. It allows authenticated users withContributor+ access to trigger a PHP Object Injection via deserialization of untrusted data in the shortcodes’ settings_encoded attribute of the smile_info_bar element, pot...

WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.2 - Arbitrary Shortcode Execution vulnerability

Arbitrary Shortcode Execution vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin MDTF versions = 1.3.3.2...

WordPress Leaflet Maps Marker plugin <= 3.12.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin Leaflet Maps Marker versions = 3.12.8...

CVE-2024-3703

The Carousel Slider WordPress plugin before 2.2.10 does not validate and escape some of its Slide options before outputting them back in the page/post where the related Slide shortcode is embed, which could allow users with the Editor role and above to perform Stored Cross-Site Scripting attacks...

Premium Addons for Elementor < 4.10.31 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

ElementsKit Elementor addons 3.0.7 - 3.1.2 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...

ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) < 2.8.8 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin...