All the vulnerabilites related to gn_themes - WP Shortcodes Plugin — Shortcodes Ultimate
cve-2025-7369
Vulnerability from cvelistv5
Published
2025-07-21 07:23
Modified
2025-07-21 17:42
Severity ?
EPSS score ?
Summary
Shortcodes Ultimate <= 7.4.2 - Cross-Site Request Forgery to Arbitrary Shortcode Execution
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-21T17:41:55.597431Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T17:42:04.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.4.2. This is due to missing or incorrect nonce validation on the preview function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.\r\nIn combination with CVE-2025-7354, it leads to Reflected Cross-Site Scripting."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T07:23:25.011Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5934d1c8-1553-4908-aaab-89d2189eb4cd?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.4.2/inc/core/generator.php#L339"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3328729/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-07T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-07-08T19:34:35.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-20T19:03:54.000+00:00",
"value": "Disclosed"
}
],
"title": "Shortcodes Ultimate \u003c= 7.4.2 - Cross-Site Request Forgery to Arbitrary Shortcode Execution"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-7369",
"datePublished": "2025-07-21T07:23:25.011Z",
"dateReserved": "2025-07-08T19:18:27.435Z",
"dateUpdated": "2025-07-21T17:42:04.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6225
Vulnerability from cvelistv5
Published
2023-11-28 04:31
Modified
2024-08-02 08:21
Severity ?
EPSS score ?
Summary
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_meta shortcode combined with post meta data in all versions up to, and including, 5.13.3 due to insufficient input sanitization and output escaping on user supplied meta values. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/558e36f6-4678-46a2-8154-42770fbb5574?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/meta.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3000576%40shortcodes-ultimate\u0026new=3000576%40shortcodes-ultimate\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "5.13.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s su_meta shortcode combined with post meta data in all versions up to, and including, 5.13.3 due to insufficient input sanitization and output escaping on user supplied meta values. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-28T04:31:51.706Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/558e36f6-4678-46a2-8154-42770fbb5574?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/meta.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3000576%40shortcodes-ultimate\u0026new=3000576%40shortcodes-ultimate\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-27T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-6225",
"datePublished": "2023-11-28T04:31:51.706Z",
"dateReserved": "2023-11-20T21:47:42.883Z",
"dateUpdated": "2024-08-02T08:21:17.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6488
Vulnerability from cvelistv5
Published
2023-12-19 01:58
Modified
2024-08-02 08:28
Severity ?
EPSS score ?
Summary
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_button', 'su_members', and 'su_tabs' shortcodes in all versions up to, and including, 7.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.818Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/50a89ad1-a3d0-49e3-8d2e-4cb81ac115ba?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/button.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3007660%40shortcodes-ultimate\u0026new=3007660%40shortcodes-ultimate\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.0.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027su_button\u0027, \u0027su_members\u0027, and \u0027su_tabs\u0027 shortcodes in all versions up to, and including, 7.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T01:58:59.593Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/50a89ad1-a3d0-49e3-8d2e-4cb81ac115ba?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/button.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3007660%40shortcodes-ultimate\u0026new=3007660%40shortcodes-ultimate\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-18T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-6488",
"datePublished": "2023-12-19T01:58:59.593Z",
"dateReserved": "2023-12-04T16:20:20.784Z",
"dateUpdated": "2024-08-02T08:28:21.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-4553
Vulnerability from cvelistv5
Published
2024-05-21 09:31
Modified
2024-08-01 20:47
Severity ?
EPSS score ?
Summary
WP Shortcodes Plugin — Shortcodes Ultimate <= 7.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_members Shortcode
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4553",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T14:24:47.785628Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:55:32.823Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:47:40.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d8db8ed5-ebeb-4102-928f-fe417e429ad2?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.1.4/includes/shortcodes/members.php#L83"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3084162/#file524"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.1.5",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "wesley"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027su_members\u0027 shortcode in all versions up to, and including, 7.1.5 due to insufficient input sanitization and output escaping on user supplied \u0027color\u0027 attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-21T09:31:50.781Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d8db8ed5-ebeb-4102-928f-fe417e429ad2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.1.4/includes/shortcodes/members.php#L83"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3084162/#file524"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-05-20T20:36:37.000+00:00",
"value": "Disclosed"
}
],
"title": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate \u003c= 7.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_members Shortcode"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-4553",
"datePublished": "2024-05-21T09:31:50.781Z",
"dateReserved": "2024-05-06T17:02:21.528Z",
"dateUpdated": "2024-08-01T20:47:40.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6226
Vulnerability from cvelistv5
Published
2023-11-28 04:31
Modified
2024-08-02 08:21
Severity ?
EPSS score ?
Summary
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.13.3 via the su_meta shortcode due to missing validation on the user controlled keys 'key' and 'post_id'. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve arbitrary post meta values which may contain sensitive information when combined with another plugin.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:21:17.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d936a48-b300-4a41-8d28-ba34cb3c5cb7?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/meta.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3000576%40shortcodes-ultimate\u0026new=3000576%40shortcodes-ultimate\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "5.13.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.13.3 via the su_meta shortcode due to missing validation on the user controlled keys \u0027key\u0027 and \u0027post_id\u0027. This makes it possible for authenticated attackers, with contributor-level access and above, to retrieve arbitrary post meta values which may contain sensitive information when combined with another plugin."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-28T04:31:51.116Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4d936a48-b300-4a41-8d28-ba34cb3c5cb7?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/meta.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3000576%40shortcodes-ultimate\u0026new=3000576%40shortcodes-ultimate\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2023-11-27T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-6226",
"datePublished": "2023-11-28T04:31:51.116Z",
"dateReserved": "2023-11-20T22:00:59.798Z",
"dateUpdated": "2024-08-02T08:21:17.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-7354
Vulnerability from cvelistv5
Published
2025-07-21 07:23
Modified
2025-07-21 11:07
Severity ?
EPSS score ?
Summary
WP Shortcodes Plugin — Shortcodes Ultimate <= 7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin Shortcodes
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-21T11:07:45.711963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T11:07:53.742Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Rollings"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s shortcodes in all versions up to, and including, 7.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-21T07:23:25.369Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/62d32cda-bb6d-4ffa-82b9-f2f6e8d4346f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.4.2/includes/shortcodes/members.php#L79"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.4.2/includes/shortcodes/button.php#L408"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.4.2/includes/shortcodes/expand.php#L130"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.4.2/includes/shortcodes/user.php#L95"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.4.2/includes/shortcodes/post.php#L116"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3328729/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-24T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-07-08T12:43:43.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-20T19:04:16.000+00:00",
"value": "Disclosed"
}
],
"title": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate \u003c= 7.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Plugin Shortcodes"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-7354",
"datePublished": "2025-07-21T07:23:25.369Z",
"dateReserved": "2025-07-08T12:28:22.432Z",
"dateUpdated": "2025-07-21T11:07:53.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-4821
Vulnerability from cvelistv5
Published
2024-06-05 08:33
Modified
2024-08-01 20:55
Severity ?
EPSS score ?
Summary
WP Shortcodes Plugin — Shortcodes Ultimate <= 7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_lightbox Shortcode
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-05T13:09:28.968265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T13:09:44.859Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:55:09.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ec7649da-5358-4fe2-8706-b945bba02c93?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.1.5/includes/shortcodes/lightbox.php#L71"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3096024%40shortcodes-ultimate%2Ftrunk\u0026old=3084162%40shortcodes-ultimate%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.1.6",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Richard Telleng"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s su_lightbox shortcode in all versions up to, and including, 7.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T08:33:16.794Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ec7649da-5358-4fe2-8706-b945bba02c93?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.1.5/includes/shortcodes/lightbox.php#L71"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3096024%40shortcodes-ultimate%2Ftrunk\u0026old=3084162%40shortcodes-ultimate%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file1"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-04T20:15:54.000+00:00",
"value": "Disclosed"
}
],
"title": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate \u003c= 7.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via su_lightbox Shortcode"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-4821",
"datePublished": "2024-06-05T08:33:16.794Z",
"dateReserved": "2024-05-13T07:15:02.790Z",
"dateUpdated": "2024-08-01T20:55:09.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-8015
Vulnerability from cvelistv5
Published
2025-07-22 14:43
Modified
2025-07-22 14:55
Severity ?
EPSS score ?
Summary
Shortcodes Ultimate <= 7.4.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title and Slide Link
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8015",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-22T14:55:34.944756Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T14:55:47.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dmitrii Ignatyev"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded image\u0027s \u0027Title\u0027 and \u0027Slide link\u0027 fields in all versions up to, and including, 7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T14:43:08.091Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/deba0a29-7fe5-4f94-bee6-9d01e023215e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3328729/shortcodes-ultimate"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-22T02:17:21.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-21T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Shortcodes Ultimate \u003c= 7.4.2 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title and Slide Link"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-8015",
"datePublished": "2025-07-22T14:43:08.091Z",
"dateReserved": "2025-07-22T01:57:43.321Z",
"dateUpdated": "2025-07-22T14:55:47.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-1510
Vulnerability from cvelistv5
Published
2024-02-20 02:34
Modified
2024-08-01 18:40
Severity ?
EPSS score ?
Summary
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_tooltip shortcode in all versions up to, and including, 7.0.2 due to insufficient input sanitization and output escaping on user supplied attributes and user supplied tags. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1510",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T16:53:13.742153Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T18:00:43.212Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:40:21.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ee03d780-076b-4501-a353-376198a4bd7b?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.0.2/includes/shortcodes/tooltip.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3037436/shortcodes-ultimate/trunk/includes/shortcodes/tooltip.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.0.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Richard Telleng"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s su_tooltip shortcode in all versions up to, and including, 7.0.2 due to insufficient input sanitization and output escaping on user supplied attributes and user supplied tags. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-20T02:34:18.031Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ee03d780-076b-4501-a353-376198a4bd7b?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.0.2/includes/shortcodes/tooltip.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3037436/shortcodes-ultimate/trunk/includes/shortcodes/tooltip.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-02-19T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-1510",
"datePublished": "2024-02-20T02:34:18.031Z",
"dateReserved": "2024-02-14T20:42:57.665Z",
"dateUpdated": "2024-08-01T18:40:21.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-3550
Vulnerability from cvelistv5
Published
2024-05-02 16:52
Modified
2024-08-01 20:12
Severity ?
EPSS score ?
Summary
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 7.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-02T19:23:07.713704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:32:52.126Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:07.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf7b0f1b-a6d3-4a96-adaa-0adeb6ea2efd?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/functions-html.php#L51"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/lightbox.php#L71"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/service.php#L93"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/dailymotion.php#L141"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3069959%40shortcodes-ultimate%2Ftrunk\u0026old=3069892%40shortcodes-ultimate%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.1.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Rollings"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s shortcode(s) in all versions up to, and including, 7.1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-02T16:52:33.461Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf7b0f1b-a6d3-4a96-adaa-0adeb6ea2efd?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/functions-html.php#L51"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/lightbox.php#L71"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/service.php#L93"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/dailymotion.php#L141"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3069959%40shortcodes-ultimate%2Ftrunk\u0026old=3069892%40shortcodes-ultimate%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-04-29T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-3550",
"datePublished": "2024-05-02T16:52:33.461Z",
"dateReserved": "2024-04-09T19:45:25.039Z",
"dateUpdated": "2024-08-01T20:12:07.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5647
Vulnerability from cvelistv5
Published
2025-07-03 09:22
Modified
2025-07-03 13:17
Severity ?
EPSS score ?
Summary
Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5647",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-03T12:59:42.727059Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T13:17:30.817Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BlossomThemes Social Feed",
"vendor": "blossomthemes",
"versions": [
{
"lessThanOrEqual": "2.0.5",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Carousel Slider",
"vendor": "majeedraza",
"versions": [
{
"lessThanOrEqual": "2.2.14",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Supreme Modules Lite \u2013 Divi Theme, Extra Theme and Divi Builder",
"vendor": "divisupreme",
"versions": [
{
"lessThanOrEqual": "2.5.52",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Photo Gallery, Images, Slider in Rbs Image Gallery",
"vendor": "robosoft",
"versions": [
{
"lessThanOrEqual": "3.2.22",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Gutentor \u2013 Gutenberg Blocks \u2013 Page Builder for Gutenberg Editor",
"vendor": "gutentor",
"versions": [
{
"lessThanOrEqual": "3.4.9",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "OceanWP",
"vendor": "oceanwp",
"versions": [
{
"lessThanOrEqual": "3.6.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Happy Addons for Elementor",
"vendor": "thehappymonster",
"versions": [
{
"lessThanOrEqual": "3.12.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Divi Torque \u2013 Plugin for Divi Theme and Builder",
"vendor": "badhonrocks",
"versions": [
{
"lessThanOrEqual": "4.0.5",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Divi Builder",
"vendor": "Elegant Themes",
"versions": [
{
"lessThanOrEqual": "4.27.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Divi",
"vendor": "Elegant Themes",
"versions": [
{
"lessThanOrEqual": "4.27.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Divi Extra",
"vendor": "Elegant Themes",
"versions": [
{
"lessThanOrEqual": "4.27.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Bold Page Builder",
"vendor": "boldthemes",
"versions": [
{
"lessThanOrEqual": "5.1.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Essential Addons for Elementor \u2013 Popular Elementor Templates and Widgets",
"vendor": "wpdevteam",
"versions": [
{
"lessThanOrEqual": "6.0.4",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.4.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin\u0027s bundled Magnific Popups library (version 1.1.0) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability was fixed in the upstream library (Magnific Popups version 1.2.0) by disabling the loading of HTML within certain fields by default."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-03T09:22:19.308Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dae80fc2-3076-4a32-876d-5df1c62de9bd?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/vendor/magnific-popup/magnific-popup.js"
},
{
"url": "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/assets/front-end/js/lib-view/magnific-popup/jquery.magnific-popup.js"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bold-page-builder/trunk/content_elements_misc/js/jquery.magnific-popup.js"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3154460/happy-elementor-addons"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3153781/bold-page-builder"
},
{
"url": "https://plugins.trac.wordpress.org/browser/robo-gallery/trunk/js/robo_gallery.js#L56"
},
{
"url": "https://www.elegantthemes.com/api/changelog/divi.txt"
},
{
"url": "https://www.elegantthemes.com/api/changelog/extra.txt"
},
{
"url": "https://www.elegantthemes.com/api/changelog/divi-builder.txt"
},
{
"url": "https://themes.trac.wordpress.org/changeset/244604/oceanwp"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3153700/essential-addons-for-elementor-lite"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3184626/addons-for-divi"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3201991/robo-gallery"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3166204/carousel-slider"
},
{
"url": "https://github.com/dimsemenov/Magnific-Popup/releases/tag/1.2.0"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-05T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-02T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Multiple Plugins \u003c= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-5647",
"datePublished": "2025-07-03T09:22:19.308Z",
"dateReserved": "2024-06-04T21:31:54.009Z",
"dateUpdated": "2025-07-03T13:17:30.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-0370
Vulnerability from cvelistv5
Published
2025-03-04 09:22
Modified
2025-03-04 14:21
Severity ?
EPSS score ?
Summary
WP Shortcodes Plugin — Shortcodes Ultimate <= 7.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via src Parameter
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0370",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T14:19:22.173400Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T14:21:01.026Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.3.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matthew Rollings"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018src\u2019 parameter in all versions up to, and including, 7.3.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T09:22:37.463Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f0869c35-9ea8-46a5-8bba-23d7ef47355a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/lightbox.php#L75"
},
{
"url": "https://wordpress.org/plugins/shortcodes-ultimate/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3229060/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-03T20:32:25.000+00:00",
"value": "Disclosed"
}
],
"title": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate \u003c= 7.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via src Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-0370",
"datePublished": "2025-03-04T09:22:37.463Z",
"dateReserved": "2025-01-09T22:58:24.363Z",
"dateUpdated": "2025-03-04T14:21:01.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-0792
Vulnerability from cvelistv5
Published
2024-02-20 18:56
Modified
2024-08-01 18:18
Severity ?
EPSS score ?
Summary
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 7.0.1 due to insufficient input sanitization and output escaping on RSS feed content. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0792",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-01T13:43:23.687650Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:51.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:18:18.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d8c043c-e347-4dc8-8a72-943a7e6c4394?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/feed.php#L49"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/feed.php#L78"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3026377/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.0.1",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s shortcode(s) in all versions up to, and including, 7.0.1 due to insufficient input sanitization and output escaping on RSS feed content. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-20T18:56:18.777Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0d8c043c-e347-4dc8-8a72-943a7e6c4394?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/feed.php#L49"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/shortcodes/feed.php#L78"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3026377/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-02-07T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-0792",
"datePublished": "2024-02-20T18:56:18.777Z",
"dateReserved": "2024-01-22T20:50:09.402Z",
"dateUpdated": "2024-08-01T18:18:18.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-1808
Vulnerability from cvelistv5
Published
2024-02-28 12:50
Modified
2024-08-02 19:33
Severity ?
EPSS score ?
Summary
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_qrcode' shortcode in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:48:22.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/96769a0e-d4a9-4196-8ded-b600046c0943?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/3041647/shortcodes-ultimate"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:mythemeshop:wp_shortcode:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "wp_shortcode",
"vendor": "mythemeshop",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1808",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-02T19:30:52.394429Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-02T19:33:14.438Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.0.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin\u0027s \u0027su_qrcode\u0027 shortcode in all versions up to, and including, 7.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-28T12:50:50.204Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/96769a0e-d4a9-4196-8ded-b600046c0943?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3041647/shortcodes-ultimate"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-02-22T00:00:00.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2024-02-27T00:00:00.000+00:00",
"value": "Disclosed"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-1808",
"datePublished": "2024-02-28T12:50:50.204Z",
"dateReserved": "2024-02-22T22:00:45.914Z",
"dateUpdated": "2024-08-02T19:33:14.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-8500
Vulnerability from cvelistv5
Published
2024-10-23 11:04
Modified
2024-10-23 13:31
Severity ?
EPSS score ?
Summary
WP Shortcodes Plugin — Shortcodes Ultimate <= 7.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T13:31:38.588864Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T13:31:48.533Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.2.2",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Craig Smith"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in all versions up to, and including, 7.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T11:04:27.437Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/78af6e06-4b4c-4f56-a6f8-f98e8f681976?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/trunk/includes/js/shortcodes/index.js"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3171844/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-22T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate \u003c= 7.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-8500",
"datePublished": "2024-10-23T11:04:27.437Z",
"dateReserved": "2024-09-05T20:15:39.819Z",
"dateUpdated": "2024-10-23T13:31:48.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2025-5567
Vulnerability from cvelistv5
Published
2025-07-04 02:22
Modified
2025-07-07 15:01
Severity ?
EPSS score ?
Summary
Shortcodes Ultimate <= 7.4.0 - Authenticted (Contributor+) Stored Cross-Site Scripting via 'data-url' Attribute
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| gn_themes | WP Shortcodes Plugin — Shortcodes Ultimate |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5567",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-07T14:38:36.577262Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-07T15:01:49.941Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WP Shortcodes Plugin \u2014 Shortcodes Ultimate",
"vendor": "gn_themes",
"versions": [
{
"lessThanOrEqual": "7.4.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Asaf Mozes"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u0027data-url\u0027 DOM element attribute in all versions up to, and including, 7.4.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-04T02:22:33.158Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fbd67145-5b95-4890-a265-1dd7a029aec6?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/shortcodes-ultimate/tags/7.4.0/includes/js/shortcodes/index.js"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-05-27T00:00:00.000+00:00",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-06-09T07:22:26.000+00:00",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-07-03T14:14:23.000+00:00",
"value": "Disclosed"
}
],
"title": "Shortcodes Ultimate \u003c= 7.4.0 - Authenticted (Contributor+) Stored Cross-Site Scripting via \u0027data-url\u0027 Attribute"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-5567",
"datePublished": "2025-07-04T02:22:33.158Z",
"dateReserved": "2025-06-03T19:20:11.841Z",
"dateUpdated": "2025-07-07T15:01:49.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}