2 matches found
CVE-2023-45643
CVE-2023-45643 : Cross-Site Request Forgery (CSRF) in the WordPress plugin “CPT Shortcode Generator” (≤1.0). Connected sources consistently describe CSRF as the vulnerability, with the exploit requiring no privileges but user interaction in some tiers, and unauthenticated access reported by some ...
CVE-2023-45644
CVE-2023-45644: Authenticated (admin+) Stored Cross-Site Scripting in the CPT Shortcode Generator plugin prior to or at version 1.0. Root cause details are not explicitly stated in the provided documents, but the vulnerability is described as a stored XSS affecting admin-level contexts. Public ex...