Shortcodes Ultimate Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via su_tooltip Shortcode – CVE-2024-1510 | WordPress Plugin Vulnerability Report

Plugin Name: Shortcodes Ultimate Key Information ormation: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 18,644,577 Active Installs: 600,000 Last Updated: February 19, 2024 Patched Versions: 7.0.3 Affected Versions: <= 7.0.2 Vulnerability Details: Name: WP Shortcodes Plugin — Shortcodes Ultimate <= 7.0.2 – Authenticated (Contributor+) Stored Cross-Site Scripting via su_tooltip Shortcode Type: Improper Neutralization of Input During Web Page Generation…

Read More

WordPress Plugin Vulnerabilities Report – Booster for WooCommerce – Authenticated Stored Cross-Site Scripting & Information Disclosure – CVE-2023-4945, CVE-2023-4796

Plugin Name: Booster for WooCommerce Key Information: Software Type: Plugin Software Slug: woocommerce-jetpack Software Status: Active Software Author: pluggabl Software Downloads: 3,353,295 Active Installs: 60,000 Last Updated: September 13, 2023 Patched Versions: 7.1.1 Affected Versions: <=7.1.0 Vulnerability Details: 1. Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Type: Improper Neutralization of Input During Web Page Generation…

Read More