Custom Content Shortcode Security Vulnerabilities and Issues — Custom Content Shortcode CVE List

Custom Content Shortcode ProjectCustom Content Shortcode

5 matches found

CVE•added 2022/03/07 8:16 a.m.•85 views

CVE-2021-24824

The CVE-2021-24824 entry concerns the WordPress Custom Content Shortcode plugin before 4.0.1. The vulnerability allows authenticated users with a low-privilege role (as low as contributor) to access arbitrary post metadata, enabling potential sensitive data disclosure (e.g., WooCommerce order ema...

4.3CVSS4.5AI score0.00227EPSS

CVE•added 2022/03/07 8:16 a.m.•77 views

CVE-2021-24825

CVE-2021-24825 affects the WordPress plugin Custom Content Shortcode (versions before 4.0.2). The issue arises because load shortcode data is not validated, allowing authenticated contributors (v<4.0.1) or admins (v

4.3CVSS4.5AI score0.00089EPSS

CVE•added 2022/03/07 8:16 a.m.•71 views

CVE-2021-24826

The CVE-2021-24826 issue affects the WordPress plugin “Custom Content Shortcode” prior to version 4.0.2. The vulnerability arises because the plugin does not escape custom fields before output, enabling authenticated users with Contributor+ (v < 4.0.1) or Admin+ (v

5.4CVSS5.2AI score0.0018EPSS

CVE•added 2023/03/20 3:52 p.m.•47 views

CVE-2023-0340

The CVE-2023-0340 issue affects the Custom Content Shortcode WordPress plugin (

8.8CVSS8.7AI score0.01232EPSS

CVE•added 2023/03/20 3:52 p.m.•45 views

CVE-2023-0273

CVE-2023-0273 affects the WordPress plugin Custom Content Shortcode (versions

5.4CVSS5.3AI score0.00181EPSS