Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 41 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-3885 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_box Shortcode gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2026-04-16 02:25:17 Deep Dive
CVE-2026-0737 Shortcodes Ultimate <= 7.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'su_lightbox' Shortcode gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2026-04-04 07:41:59 Deep Dive
CVE-2026-0738 Shortcodes Ultimate <= 7.4.8 - authenticated (Contributor+) Stored Cross-Site Scripting via 'su_carousel' Shortcode gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2026-04-04 07:41:58 Deep Dive
CVE-2026-2480 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.4.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'max_width' Shortcode Attribute gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2026-03-31 22:26:04 Deep Dive
CVE-2025-12800 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.4.5 - Authenticated (Administrator+) Server-Side Request Forgery gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2025-11-23 22:26:40 Deep Dive
CVE-2025-8015 Shortcodes Ultimate <= 7.4.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title and Slide Link gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2025-07-22 14:43:08 Deep Dive
CVE-2025-7369 Shortcodes Ultimate <= 7.4.2 - Cross-Site Request Forgery to Arbitrary Shortcode Execution gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.1 2025-07-21 07:23:25 Deep Dive
CVE-2025-7354 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin Shortcodes gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2025-07-21 07:23:25 Deep Dive
CVE-2025-5567 Shortcodes Ultimate <= 7.4.0 - Authenticted (Contributor+) Stored Cross-Site Scripting via 'data-url' Attribute gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2025-07-04 02:22:33 Deep Dive
CVE-2024-5647 Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library blossomthemesBlossomThemes Social Feed Medium 6.4 2025-07-03 09:22:19 Deep Dive
CVE-2025-49244 WordPress Shortcodes Ultimate plugin <= 7.3.5 - Cross Site Scripting (XSS) Vulnerability VovaShortcodes Ultimate Medium 6.5 2025-06-06 12:53:36 Deep Dive
CVE-2025-0370 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via src Parameter gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2025-03-04 09:22:37 Deep Dive
CVE-2024-54264 WordPress Shortcodes Blocks Creator Ultimate plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability cmorillas1Shortcodes Blocks Creator Ultimate High 7.1 2024-12-13 14:24:43 Deep Dive
CVE-2024-12167 Shortcodes Blocks Creator Ultimate <= 2.2.0 - Reflected Cross-Site Scripting via _wpnonce cmorillas1Shortcodes Blocks Creator Ultimate Medium 6.1 2024-12-07 01:45:52 Deep Dive
CVE-2024-12166 Shortcodes Blocks Creator Ultimate <= 2.2.0 - Reflected Cross-Site Scripting via 'page' cmorillas1Shortcodes Blocks Creator Ultimate Medium 6.1 2024-12-07 01:45:50 Deep Dive
CVE-2024-10340 Shortcodes Blocks Creator Ultimate <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode cmorillas1Shortcodes Blocks Creator Ultimate Medium 6.4 2024-11-05 02:04:04 Deep Dive
CVE-2024-8500 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 5.4 2024-10-23 11:04:27 Deep Dive
CVE-2024-6766 Shortcodes Ultimate Pro < 7.2.1 - Contributor+ Stored XSS Unknownshortcodes-ultimate-pro--2024-08-06 06:00:07 Deep Dive
CVE-2024-4217 Shortcodes Ultimate Pro < 7.1.5 - Contributor+ Stored Cross-Site Scripting XSS Unknownshortcodes-ultimate-pro--2024-07-13 06:00:06 Deep Dive
CVE-2024-4821 WP Shortcodes Plugin — Shortcodes Ultimate <= 7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_lightbox Shortcode gn_themesWP Shortcodes Plugin — Shortcodes Ultimate Medium 6.4 2024-06-05 08:33:17 Deep Dive