PT-2024-17960 · WordPress · Advanced Iframe

Name of the Vulnerable Software and Affected Versions: Advanced iFrame plugin for WordPress versions up to, and including, 2024.1 Description: The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's advanced iframe shortcode. This vulnerability is du...

SoundCloud Shortcode < 4.0.2 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

PT-2024-18324 · WordPress · Wp Shortcodes Plugin

Name of the Vulnerable Software and Affected Versions: WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress versions up to, and including, 7.0.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's su qrcode shortcode due to insufficient input sanitization...

CVE-2024-1687

The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to unauthorized execution of shortcodes due to a missing capability check on the gettexteditorcontent function in all versions up to, and including, 1.1.2. This makes it possible for authenticat...

Authentication flaw

The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to unauthorized execution of shortcodes due to a missing capability check on the gettexteditorcontent function in all versions up to, and including, 1.1.2. This makes it possible for authenticat...

CVE-2024-1687

CVE-2024-1687 (Thank You Page Customizer for WooCommerce – Increase Your Sales) is a WordPress plugin vulnerability reported by RH: The issue is unauthorized execution of shortcodes due to a missing capability check on get_text_editor_content() in all versions up to 1.1.2. Root cause: lack of pro...

WordPress SoundCloud Shortcode Plugin <= 4.0.1 is vulnerable to Cross Site Scripting (XSS)

Software SoundCloud Shortcode Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.0.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-25936 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2b1a2e695d03 Credits LVT-tholv2k Requir...

User Shortcodes Plus <= 2.0.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via user_meta Shortcode

Description The User Shortcodes Plus plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.2 via the usermeta shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...

Team Members < 5.3.2 - Author+ Stored XSS

Description The plugin does not validate and escape some of its Team options attributes before outputting them back in a page/post where the related shortcode is embed, which could allow users with the author role and above to perform Stored Cross-Site Scripting attacks. PoC 1. Create/edit a team...

CVE-2024-1810

The Archivist – Custom Archive Templates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘shortcodeattributes' parameter in all versions up to, and including, 1.7.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2024-1362

The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the cpshortcoderefresh function. This makes it possible for unauthenticated attackers to execute arbitra...

CVE-2024-1362 Colibri Page Builder <= 1.0.253 - Cross-Site Request Fogery via cp_shortcode_refresh

The Colibri Page Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.253. This is due to missing or incorrect nonce validation on the cpshortcoderefresh function. This makes it possible for unauthenticated attackers to execute arbitra...

WordPress Tabs Shortcode and Widget Plugin <= 1.17 is vulnerable to Cross Site Scripting (XSS)

Software Tabs Shortcode and Widget Type Plugin Vulnerable versions = 1.17 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0719 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b7bc2e300121 Credits Dmitrii Ignatyev...

PT-2024-18326 · WordPress · The Archivist – Custom Archive Templates

Name of the Vulnerable Software and Affected Versions: The Archivist – Custom Archive Templates plugin for WordPress versions up to, and including, 1.7.5 Description: The issue is related to Reflected Cross-Site Scripting via the shortcode attributes parameter due to insufficient input sanitizati...

WordPress Plugin Colibri Page Builder Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-15778 · WordPress · Tabs Shortcode/Widget

Name of the Vulnerable Software and Affected Versions: The Tabs Shortcode and Widget WordPress plugin versions 1.17 and earlier Description: The issue concerns the lack of validation and escaping of some shortcode attributes in the plugin, which could allow users with the contributor role and abo...

Sassy Social Share < 3.3.57 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2024-1570 ProfilePress <= 4.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's login-password shortcode in all versions up to, and including, 4.14.4 due to insufficient...

CVE-2024-1510

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sutooltip shortcode in all versions up to, and including, 7.0.2 due to insufficient input sanitization and output escaping on user supplied attributes and user supplie...

Buttons Shortcode and Widget <= 1.16 - Stored XSS via shortcode

Description The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. otwshortcodebutton...