Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.3.1. This is due to the software allowing users to execute an action that doe
The The Shortcode Ajax plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0. This is due to the software allowing users to execute an action th
The Uncode Core plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.9.1.6. This is due to the software allowing users to execute an action that
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary shortcode execution via grid_plus_load_by_category AJAX action in all versions up to, and including, 1.3.5. Th
The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action t
The ORDER POST plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. This is due to the software allowing users to execute an action that doe
The The WP-Members Membership Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.2. This is due to the software allowing users to ex
The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via form_preview_shortcode AJAX action in all versions up to, and including, 1.4.7. This is due to the software a
The Bootstrap Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `box` shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitizat
The The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 14.3.3. This is due to the software allowing users to execute an action tha
The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 2.1.13 due to insufficient input sanitiz
The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.14. This is due to the software allowing users to execute an act
The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This i
The Simple Alert Boxes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Alert shortcode in all versions up to, and including, 1.4.0 due to insufficient input sanitiza
The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions up to, and including, 2.1.12 due to insufficient input sani
The Shortcodely plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'widget_area' parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.16.7.1. This is due to the soft
The Flexmls® IDX Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'idx_frame' shortcode in all versions up to, and including, 3.14.27 due to insufficient input
The The Uix Shortcodes – Compatible with Gutenberg plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.9.9. This is due to the software allowing
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.8.0 (Business), up to, and including, 21.8.0
Page 1+ Next →