| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-31099 | WordPress Phlox Core Elements plugin <= 2.15.7 - Broken Access Control vulnerability | Averta | Shortcodes and extra features for Phlox theme | Medium | 6.4 | 2024-04-01 14:07:10 | Deep Dive |
| CVE-2024-30558 | WordPress Add Shortcodes Actions And Filters plugin <= 2.10 - Reflected Cross Site Scripting (XSS) vulnerability | Michael Simpson | Add Shortcodes Actions And Filters | High | 7.1 | 2024-03-31 19:41:33 | Deep Dive |
| CVE-2024-29797 | WordPress Grid Shortcodes plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability | WP Darko | Grid Shortcodes | Medium | 6.5 | 2024-03-27 12:25:25 | Deep Dive |
| CVE-2024-2732 | Themify Shortcodes <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting | themifyme | Themify Shortcodes | Medium | 5.4 | 2024-03-26 01:58:55 | Deep Dive |
| CVE-2024-29093 | WordPress Builder for WooCommerce reviews shortcodes – ReviewShort plugin <= 1.01.3 - Cross Site Request Forgery (CSRF) vulnerability | Saleswonder Team: Tobias | Builder for WooCommerce reviews shortcodes – ReviewShort | Medium | 4.3 | 2024-03-19 16:40:14 | Deep Dive |
| CVE-2024-1658 | Grid Shortcodes < 1.1.1 - Contributor+ Stored XSS | Unknown | Grid Shortcodes | 中危 | - | 2024-03-18 15:15:26 | Deep Dive |
| CVE-2023-6969 | User Shortcodes Plus <= 2.0.2 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via user_meta Shortcode | kbjohnson90 | User Shortcodes Plus | Medium | 4.3 | 2024-03-13 15:26:57 | Deep Dive |
| CVE-2024-1808 | WP Shortcodes Plugin — Shortcodes Ultimate <= 7.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_qrcode Shortcode | gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate | Medium | 6.4 | 2024-02-28 12:50:50 | Deep Dive |
| CVE-2024-0792 | WP Shortcodes Plugin — Shortcodes Ultimate <= 7.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode | gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate | Medium | 6.4 | 2024-02-20 18:56:19 | Deep Dive |
| CVE-2024-1510 | WP Shortcodes Plugin — Shortcodes Ultimate <= 7.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_tooltip Shortcode | gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate | Medium | 6.4 | 2024-02-20 02:34:18 | Deep Dive |
| CVE-2024-21750 | WordPress Shortcodes Finder Plugin <= 1.5.5 is vulnerable to Cross Site Scripting (XSS) | Scribit | Shortcodes Finder | High | 7.1 | 2024-02-01 09:40:16 | Deep Dive |
| CVE-2024-22162 | WordPress WPZOOM Shortcodes plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability | WPZOOM | WPZOOM Shortcodes | High | 7.1 | 2024-01-31 18:00:10 | Deep Dive |
| CVE-2023-6530 | TJ Shortcodes <= 0.1.3 - Contributor+ Stored XSS via Shortcodes | Unknown | TJ Shortcodes | 中危 | - | 2024-01-29 14:44:23 | Deep Dive |
| CVE-2023-3372 | Lana Shortcodes < 1.2.0 - Contributor+ Stored XSS | Unknown | Lana Shortcodes | 低危 | - | 2024-01-16 15:55:36 | Deep Dive |
| CVE-2023-52142 | WordPress Events Shortcodes & Templates For The Events Calendar Plugin <= 2.3.1 is vulnerable to SQL Injection | Cool Plugins | Events Shortcodes For The Events Calendar | High | 7.6 | 2024-01-08 20:56:11 | Deep Dive |
| CVE-2023-51373 | WordPress Google Photos Gallery with Shortcodes Plugin <= 4.0.2 is vulnerable to Cross Site Scripting (XSS) | Ian Kennerley | Google Photos Gallery with Shortcodes | High | 7.1 | 2023-12-29 10:55:28 | Deep Dive |
| CVE-2023-49773 | WordPress BCorp Shortcodes Plugin <= 0.23 is vulnerable to PHP Object Injection | Tim Brattberg | BCorp Shortcodes | Critical | 10.0 | 2023-12-20 15:31:11 | Deep Dive |
| CVE-2023-6488 | WP Shortcodes Plugin — Shortcodes Ultimate <= 7.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate | Medium | 5.4 | 2023-12-19 01:59:00 | Deep Dive |
| CVE-2023-50368 | WordPress Shortcodes and extra features for Phlox theme Plugin <= 2.15.2 is vulnerable to Cross Site Scripting (XSS) | Averta | Shortcodes and extra features for Phlox theme | Medium | 6.5 | 2023-12-14 13:56:07 | Deep Dive |
| CVE-2023-47851 | WordPress Bootstrap Shortcodes Ultimate Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS) | Akhtarujjaman Shuvo | Bootstrap Shortcodes Ultimate | Medium | 6.5 | 2023-11-30 11:25:13 | Deep Dive |