Authenticated Attacks
WP Shortcodes Plugin Vulnerability— Shortcodes Ultimate – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1808 | WordPress Plugin Vulnerability Report
Plugin Name: WP Shortcodes Plugin – Shortcodes Ultimate Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 18,807,873 Active Installs: 600,000 Last Updated: February 28, 2024 Patched Versions: 7.0.4 Affected Versions: <= 7.0.3 Vulnerability Details: Name: WP Shortcodes Plugin – Shortcodes Ultimate <= 7.0.3 Title: Authenticated (Contributor+) Stored…
Read MorePlugin for Google Reviews – Authenticated Stored Cross-Site Scripting via Shortcode – CVE-2023-6884 | WordPress Plugin Vulnerability Report
Plugin Name: Plugin for Google Reviews Key Information: Software Type: Plugin Software Slug: widget-google-reviews Software Status: Active Software Author: widgetpack Software Downloads: 3,299,708 Active Installs: 100,000 Last Updated: January 12, 2024 Patched Versions: 3.2 Affected Versions: <= 3.1 Vulnerability Details: Name: Plugin for Google Reviews <= 3.1 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode…
Read MoreWordPress Plugin Vulnerability Report – Table of Contents Plus – Authenticated (Administrator+) Stored Cross-Site Scripting
Plugin Name: Table of Contents Plus Key Information: Software Type: Plugin Software Slug: table-of-contents-plus Software Status: Active Software Author: conjur3r Software Downloads: 2,261,612 Active Installs: 300,000 Last Updated: September 19, 2023 Patched Versions: 2309 Affected Versions: <2309 Vulnerability Details: Name: Table of Contents Plus <= 2302 – Authenticated (Administrator+) Stored Cross-Site Scripting Type: Improper Neutralization…
Read More