Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Custom Content Shortcode ProjectCustom Content Shortcode*

3 matches found

CVE
CVEadded 2022/03/07 8:16 a.m.87 views

CVE-2021-24824

The CVE-2021-24824 entry concerns the WordPress Custom Content Shortcode plugin before 4.0.1. The vulnerability allows authenticated users with a low-privilege role (as low as contributor) to access arbitrary post metadata, enabling potential sensitive data disclosure (e.g., WooCommerce order ema...

4.3CVSS4.5AI score0.00227EPSS
CVE
CVEadded 2022/03/07 8:16 a.m.78 views

CVE-2021-24825

CVE-2021-24825 affects the WordPress plugin Custom Content Shortcode (versions before 4.0.2). The issue arises because load shortcode data is not validated, allowing authenticated contributors (v<4.0.1) or admins (v

4.3CVSS4.5AI score0.00089EPSS
CVE
CVEadded 2022/03/07 8:16 a.m.72 views

CVE-2021-24826

The CVE-2021-24826 issue affects the WordPress plugin “Custom Content Shortcode” prior to version 4.0.2. The vulnerability arises because the plugin does not escape custom fields before output, enabling authenticated users with Contributor+ (v < 4.0.1) or Admin+ (v

5.4CVSS5.2AI score0.0018EPSS