Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
post shortcode project post shortcode vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5708
The WP Post Columns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'column' shortcode in all versions up to, and including, 2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
Wp Post Columns Project Wp Post Columns
NA
CVE-2023-0368
The Responsive Tabs For WPBakery Page Builder (formerly Visual Composer) WordPress plugin up to and including 1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with th...
Responsive Tabs For Wpbakery Page Builder Project Responsive Tabs For Wpbakery Page Builder
NA
CVE-2023-0489
The SlideOnline WordPress plugin up to and including 1.2.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Si...
Slideonline Project Sideonline
NA
CVE-2023-0490
The f(x) TOC WordPress plugin up to and including 1.1.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site ...
F\\(x\\) Toc Project F\\(x\\) Toc
NA
CVE-2023-0526
The Post Shortcode WordPress plugin up to and including 2.0.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross...
Post Shortcode Project Post Shortcode
NA
CVE-2023-0536
The Wp-D3 WordPress plugin up to and including 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scr...
Wp-d3 Project Wp-d3
NA
CVE-2023-0418
The Video Central for WordPress plugin up to and including 1.3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cr...
Video Central Project Video Central
NA
CVE-2023-0367
The Pricing Tables For WPBakery Page Builder (formerly Visual Composer) WordPress plugin prior to 3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributo...
Pricing Tables For Wpbakery Page Builder Project Pricing Tables For Wpbakery Page Builder
NA
CVE-2023-0399
The Image Over Image For WPBakery Page Builder WordPress plugin prior to 3.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perfo...
Image Over Image For Wpbakery Page Builder Project Image Over Image For Wpbakery Page Builder
NA
CVE-2023-0395
The menu shortcode WordPress plugin up to and including 1.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripti...
Menu Shortcode Project Menu Shortcode
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »