6 matches found
CVE-2025-13896
The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2025-13896 Social Feed Gallery Portfolio <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute
The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
PT-2025-49350
The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
EUVD-2023-32165
Malicious code in bioql PyPI...
CVE-2023-28495
Cross-Site Request Forgery CSRF vulnerability in MyThemeShop WP Shortcode by MyThemeShop plugin = 1.4.16 versions...
CVE-2023-28495
CVE-2023-28495 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the WordPress plugin WP Shortcode by MyThemeShop, version