4 matches found
CVE-2026-15292
The Sudoku Shortcode plugin for WordPress is affected by CVE-2026-15292: Stored Cross-Site Scripting via the background parameter in the sudoku-sc shortcode, in all versions up to and including 1.0.0. Exploitation requires authenticated access at Contributor level or higher, enabling an attacker ...
CVE-2026-15292
The Sudoku Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'background' parameter in the 'sudoku-sc' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
EUVD-2026-42801
The Sudoku Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'background' parameter in the 'sudoku-sc' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress Sudoku Shortcode plugin <= 1.0.0 - Authenticated (Contributor+) Cross-Site Scripting via 'background' Shortcode Attribute vulnerability
Authenticated Contributor+ Cross-Site Scripting via 'background' Shortcode Attribute vulnerability discovered by Gilang - DJ in WordPress Plugin Sudoku Shortcode versions = 1.0.0...