WordPress Shortcodes Blocks Creator Ultimate plugin <= 2.2.0 - Reflected Cross-Site Scripting via 'page' vulnerability

Reflected Cross-Site Scripting via 'page' vulnerability discovered by Colin Xu in WordPress Plugin Shortcodes Blocks Creator Ultimate versions = 2.2.0...

EUVD-2024-52389

Malicious code in bioql PyPI...

CVE-2024-54264

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cmorillas1 Shortcodes Blocks Creator Ultimate ultimate-shortcodes-creator allows Reflected XSS.This issue affects Shortcodes Blocks Creator Ultimate: from n/a through = 2.2.0...

CVE-2024-54264

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cmorillas1 Shortcodes Blocks Creator Ultimate ultimate-shortcodes-creator allows Reflected XSS.This issue affects Shortcodes Blocks Creator Ultimate: from n/a through = 2.2.0...

CVE-2024-54264 WordPress Shortcodes Blocks Creator Ultimate plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in César Morillas Shortcodes Blocks Creator Ultimate allows Reflected XSS.This issue affects Shortcodes Blocks Creator Ultimate: from n/a through 2.2.0...

CVE-2024-54264

CVE-2024-54264 affects the WordPress Shortcodes Blocks Creator Ultimate plugin (versions through 2.2.0). The issue is a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Exploitation is possible via standard web requests and may...

WordPress plugin Shortcodes Blocks Creator Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

CVE-2024-12167

The Shortcodes Blocks Creator Ultimate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpnonce' parameter in all versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-12167 Shortcodes Blocks Creator Ultimate <= 2.2.0 - Reflected Cross-Site Scripting via _wpnonce

The Shortcodes Blocks Creator Ultimate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'wpnonce' parameter in all versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-12166

CVE-2024-12166 refers to a vulnerability in the WordPress plugin Shortcodes Blocks Creator Ultimate (versions up to 2.2.0). The issue is a reflected cross-site scripting (XSS) via the page parameter caused by insufficient input sanitization and output escaping. This allows an unauthenticated atta...

WordPress plugin Shortcodes Blocks Creator Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

WordPress Shortcodes Blocks Creator Ultimate plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Shortcodes Blocks Creator Ultimate versions = 2.2.0...

WordPress plugin Shortcodes Blocks Creator Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

WordPress Shortcodes Blocks Creator Ultimate plugin <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by István Márton in WordPress Plugin Shortcodes Blocks Creator Ultimate versions = 2.1.3...

PT-2024-16200 · WordPress · Shortcodes Blocks Creator Ultimate

Name of the Vulnerable Software and Affected Versions: Shortcodes Blocks Creator Ultimate plugin for WordPress versions up to, and including, 2.1.3 Description: The issue is related to Stored Cross-Site Scripting via the scu shortcode due to insufficient input sanitization and output escaping on...

WordPress Shortcodes Blocks Creator Ultimate Plugin <= 2.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Blocks Creator Ultimate Type Plugin Vulnerable versions = 2.1.3 Fixed in 2.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10340 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e3eb71af58b7 Credits Istv...