WP Shortcodes Plugin Vulnerability— Shortcodes Ultimate – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-1808 | WordPress Plugin Vulnerability Report

Plugin Name: WP Shortcodes Plugin — Shortcodes Ultimate Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 18,807,873 Active Installs: 600,000 Last Updated: February 28, 2024 Patched Versions: 7.0.4 Affected Versions: <= 7.0.3 Vulnerability Details: Name: WP Shortcodes Plugin — Shortcodes Ultimate <= 7.0.3 Title: Authenticated (Contributor+) Stored…

Read More

Shortcodes Ultimate Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via su_tooltip Shortcode – CVE-2024-1510 | WordPress Plugin Vulnerability Report

Plugin Name: Shortcodes Ultimate Key Information ormation: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 18,644,577 Active Installs: 600,000 Last Updated: February 19, 2024 Patched Versions: 7.0.3 Affected Versions: <= 7.0.2 Vulnerability Details: Name: WP Shortcodes Plugin — Shortcodes Ultimate <= 7.0.2 – Authenticated (Contributor+) Stored Cross-Site Scripting via su_tooltip Shortcode Type: Improper Neutralization of Input During Web Page Generation…

Read More

WP Shortcodes Plugin Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-6488 | WordPress Plugin Vulnerability Report

Plugin Name: WP Shortcodes Plugin Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 18,131,157 Active Installs: 600,000 Last Updated: December 18, 2023 Patched Versions: <= 7.0.0 Affected Versions: 7.0.1 Vulnerability Details: Name: WP Shortcodes Plugin — Shortcodes Ultimate <= 7.0.0 – Authenticated (Contributor+) Stored Cross-Site Scripting Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper Neutralization of Input During Web…

Read More

WordPress Plugin Vulnerability Report – Shortcodes Ultimate – Authenticated (Contributor+) Stored Cross-Site Scripting & Insecure Direct Object Reference to Information Disclosure – CVE-2023-6225 & CVE-2023-6226

Plugin Name: Shortcodes Ultimate Key Information: Software Type: Plugin Software Slug: shortcodes-ultimate Software Status: Active Software Author: gn_themes Software Downloads: 17,874,399 Active Installs: 600,000 Last Updated: November 27, 2023 Patched Versions: 7.0.0 Affected Versions: <= 5.13.3 Vulnerability 1 Details: Name: WP Shortcodes Plugin — Shortcodes Ultimate <= 5.13.3 – Authenticated (Contributor+) Stored Cross-Site Scripting Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper Neutralization of Input During Web…

Read More