News
WordPress upgraded to 4.3.1, patching a pair of vulnerabilities in the core engine, including a cross-site scripting issue enabled by a vulnerability in shortcodes.
Shortcodes Ultimate is a highly popular WordPress plugin that has over 700,000 active installations. The vulnerability affects plugin versions that are older than the current version 5.12.2.
Shortcodes in Wordpress are small snippets of text that you can enter into a post or page body which trigger a larger function to run at that position. It’s the equivalent of inserting a program ...
WordPress plugin vulnerability affecting up to 700,000 websites could lead to stored XSS attacks A vulnerability in the TablePress WordPress plugin enables attackers to inject malicious scripts that ...
“Unfortunately, WordPress allows any authenticated users to execute shortcodes via the parse-media-shortcode AJAX action, and some plugins also allow unauthenticated shortcode execution,” Gall ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback