| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-0711 | Buttons Shortcode and Widget <= 1.16 - Stored XSS via shortcode | Unknown | Buttons Shortcode and Widget | 中危 | - | 2024-03-18 19:05:52 | Deep Dive |
| CVE-2024-0719 | Tabs Shortcode and Widget <= 1.17 - Contributor+ Stored Cross-Site Scripting | Unknown | Tabs Shortcode and Widget | 中危 | - | 2024-03-18 19:05:44 | Deep Dive |
| CVE-2024-2006 | Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.7 - Authenticated (Contributor+) PHP Object Injection in outpost_shortcode_metabox_markup | wpwax | Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget | High | 8.8 | 2024-03-13 15:27:04 | Deep Dive |
| CVE-2024-24930 | WordPress Buttons Shortcode and Widget Plugin <= 1.16 is vulnerable to Cross Site Scripting (XSS) | OTWthemes.com | Buttons Shortcode and Widget | Medium | 6.5 | 2024-02-12 05:56:45 | Deep Dive |
| CVE-2022-4458 | Amr Shortcode Any Widget <= 4.0 - Contributor+ Stored XSS | Unknown | amr shortcode any widget | 中危 | - | 2023-02-13 14:32:11 | Deep Dive |
| CVE-2023-0379 | Spotlight Social Feeds < 1.4.3 - Contributor+ Stored XSS | Unknown | Spotlight Social Feeds [Block, Shortcode, and Widget] | 中危 | - | 2023-02-13 14:31:59 | Deep Dive |
| CVE-2022-4473 | Widget Shortcode <= 0.3.5 - Contributor+ Stored XSS | Unknown | Widget Shortcode | 中危 | - | 2023-02-13 14:31:59 | Deep Dive |