CVE-2021-24226

In the AccessAlly WordPress plugin before 3.5.7, the file "resource/frontend/product/product-shortcode.php" responsible for the accessallyorderform shortcode is dumping serialize$SERVER, which contains all environment variables. The leakage occurs on all public facing pages containing the...

CVE-2021-24226

In the AccessAlly WordPress plugin before 3.5.7, the file "resource/frontend/product/product-shortcode.php" responsible for the accessallyorderform shortcode is dumping serialize$SERVER, which contains all environment variables. The leakage occurs on all public facing pages containing the...

CVE-2021-24221 Quiz And Survey Master < 7.1.12 - Authenticated SQL injection via shortcode

The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin before 7.1.12 did not sanitise the resultid GET parameter on pages with the qsmresult shortcode without id attribute, concatenating it in a SQL statement and leading to an SQL injection. The lowest role allowed to...

WordPress 插件信息泄露漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An information disclosure vulnerability exists in the AccessAlly WordPress plugin prior to version...

Quiz And Survey Master < 7.1.12 - Authenticated SQL injection via shortcode

The plugin did not sanitise the resultid GET parameter on pages with the qsmresult shortcode without id attribute, concatenating it in a SQL statement and leading to an SQL injection. The lowest role allowed to use this shortcode in post or pages being author, such user could gain unauthorised...

AccessAlly < 3.5.7 - $_SERVER Superglobal Leakage

In the plugin, the file "resource/frontend/product/product-shortcode.php" responsible for the accessallyorderform shortcode is dumping serialize$SERVER, which contains all environment variables. The leakage occurs on all public facing pages containing the accessallyorderform shortcode, no login o...

Quiz And Survey Master < 7.1.12 - Authenticated SQL injection via shortcode

The plugin did not sanitise the resultid GET parameter on pages with the qsmresult shortcode without id attribute, concatenating it in a SQL statement and leading to an SQL injection. The lowest role allowed to use this shortcode in post or pages being author, such user could gain unauthorised...

Responsive Lightbox2 < 1.0.3 - Authenticated Stored Cross-Site Scripting

The ‘hyperlink’ field in used while linking an image from a URL was found to be vulnerable to stored XSS, as they did not sanitize user given input properly before publishing the post. It is triggered when a users loads a page where the plugin shortcode is used. All WordPress websites using...

Wordpress Easy Media Download 1.1.4 Cross Site Scripting

Exploit Title: Wordpress Easy Media Download v1.1.4 - Persistent Cross-Site Scripting Date: 2020-08-14 Vendor Homepage: https://noorsplugin.com/ Vendor Changelog: https://wordpress.org/plugins/easy-media-download/developers Exploit Author: Melbin K Mathew @melbinkm Author Advisory:...

The vulnerability of the WordPress website content management system, related to the lack of measures taken to protect the structure of web pages, allows attackers to compromise the integrity of data.

The vulnerability of the WordPress content management system’s functions is related to an error in the execution of XSS attacks during shortcode rendering. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

Media Library Assistant < 2.82 - Authenticated RCE

Remote Code Execution can occur via the taxquery, metaquery, and datequery parameter of the mlagallery shortcode...

WordPress GistPress Cross-Site Scripting Vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the shortcode feature in WordPress GistPress versions prior to...

Profile Builder and Profile Builder Pro < 3.1.1 - User Registration With Administrator Role

The plugin is affected by a broken authentication vulnerability, allowing unauthenticated users to register or edit their account and gain the Administrator role using the plugin's forms. The vulnerability only exists in the Plugin's own generated Registration Form or Profile Edit Form. This mean...

CVE-2020-8498

XSS exists in the shortcode functionality of the GistPress plugin before 3.0.2 for WordPress via the includes/class-gistpress.php id parameter. This allows an attacker with the WordPress Contributor role to execute arbitrary JavaScript code with the privileges of other users e.g., ones who have t...

Ultimate FAQ < 1.8.30 - Unauthenticated Reflected XSS

The HTML code generated by the FAQ shortcode does not sanitise the DisplayFAQ GET parameter, leading to an unauthenticated reflected Cross-Site Scripting issue on pages where such shortcode is used. PoC Append the following payload on a page where a FAQ is embedded: ?DisplayFAQ=...

WordPress Shortcode Ninja Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Shortcode Ninja is a form builder plugin used in it. WordPress Shortcode Ninja 1.4 and earlier versions of the...

Donorbox 7.1~7.1.1 - Stored Cross-Site Scripting via Shortcode

In Donorbox WordPress plugin, one can perform an XSS attack via the included shortcode by inserting arbitrary HTML attributes. This vulnerability was introduced in v7.1 and fixed in v7.1.2. PoC donate url='/?" autofocus onfocus="alertwindow" abitraryAttributeToValidateShortcodeParsing="'...

CVE-2014-4550

Cross-site scripting XSS vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in preview-shortcode-external.php in the Shortcode Ninja plugin 1.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter...

CVE-2014-4550

CVE-2014-4550 is a cross-site scripting vulnerability in the WordPress plugin Shortcode Ninja up to version 1.4 (and earlier) in the file preview-shortcode-external.php . The root cause is insufficient validation/escaping of the shortcode parameter, allowing remote attackers to inject arbitrary s...