WordPress plugin mcjh button shortcode 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Smoothness Slider Shortcode 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

WordPress plugin Toggles Shortcode and Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

PT-2025-1690 · WordPress · Sell Media

Name of the Vulnerable Software and Affected Versions: Sell Media plugin for WordPress versions up to and including 2.5.8.5 Description: The issue is related to stored cross-site scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the sell media...

PT-2025-4546 · Unknown · Smoothness Slider Shortcode

Name of the Vulnerable Software and Affected Versions: Smoothness Slider Shortcode versions n/a through v1.2.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. This means an attacker can trick a user into performing unintended...

PT-2025-1839 · WordPress · Cf7 Wow Styler

Name of the Vulnerable Software and Affected Versions: The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress versions prior to 1.7.1 Description: The issue is due to the software allowing users to execute an action that does not properly validate a value befor...

PT-2025-1710 · WordPress · Slider Pro Lite

Name of the Vulnerable Software and Affected Versions: Slider Pro Lite plugin for WordPress versions up to, and including, 1.4.1 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's sliderpro shortcode. This allows...

PT-2025-1885 · WordPress · Wordpress Survey & Poll

Name of the Vulnerable Software and Affected Versions: WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress versions up to 1.7.5 Description: The issue is related to stored cross-site scripting due to insufficient input sanitization and output escaping on user-supplied attributes ...

PT-2025-4549 · Unknown · Mcjh Button Shortcode

Name of the Vulnerable Software and Affected Versions: mcjh button shortcode versions 1.6.4 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For...

PT-2025-1849 · WordPress · Marketplace Items

Name of the Vulnerable Software and Affected Versions: Marketplace Items plugin for WordPress versions up to, and including, 1.5.5 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's 'marketplace' shortcode. This allow...

PT-2025-3735 · WordPress · The Social Rocket – Social Sharing Plugin

Name of the Vulnerable Software and Affected Versions: Social Rocket – Social Sharing Plugin versions up to and including 1.3.4 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the socialrocket-floating shortcode. This allows...

PT-2025-1904 · WordPress · Sellsy Plugin

Name of the Vulnerable Software and Affected Versions: Sellsy plugin for WordPress versions prior to 2.3.4 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'testSellsy' shortcode due to insufficient input sanitization and output escaping on user-supplied attribute...

PT-2025-1650 · WordPress · Common Ninja

Name of the Vulnerable Software and Affected Versions: Common Ninja: Fully Customizable & Perfectly Responsive Free Widgets for WordPress Websites plugin for WordPress versions up to, and including, 1.1.0 Description: The issue is related to stored cross-site scripting due to insufficient input...

PT-2025-1870 · WordPress · Wp Jquery Datatable

Name of the Vulnerable Software and Affected Versions: WP jQuery DataTable plugin for WordPress versions up to, and including, 4.0.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'wp jdt' shortcode due to insufficient input sanitization and output escaping on...

PT-2025-1686 · WordPress · App Embed

Name of the Vulnerable Software and Affected Versions: App Embed plugin for WordPress versions up to and including 2.3.2 Description: The issue is related to stored cross-site scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the plugin's 'appizy'...

WordPress plugin Tabs Shortcode 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-1666 · WordPress · Tabs Shortcode

Name of the Vulnerable Software and Affected Versions: Tabs Shortcode WordPress plugin versions 2.0.2 and earlier Description: The issue concerns the Tabs Shortcode WordPress plugin, which does not validate and escape some of its shortcode attributes before outputting them back in a page or post...

PT-2025-1657 · WordPress · Image Magnify

Name of the Vulnerable Software and Affected Versions: Image Magnify plugin for WordPress versions up to, and including, 1.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'image magnify' shortcode due to insufficient input sanitization and output escaping on...

PT-2025-1852 · WordPress · Rightmessage Wp

Name of the Vulnerable Software and Affected Versions: RightMessage WP plugin for WordPress versions up to, and including, 0.9.7 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'rm area' shortcode due to insufficient input sanitization and output escaping on...

WordPress plugin FancyPost 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...