Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-06-13

CVE-2024-6766 - Shortcodes Ultimate Pro Plugin

The shortcodes-ultimate-pro WordPress plugin before 7.2.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

PLUGIN Shortcodes Ultimate Pro

CVE-2024-6766

MEDIUM CVSS 5.4 2024-08-06

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-06-10

CVE-2024-4217 - Shortcodes Ultimate Pro Plugin

The shortcodes-ultimate-pro WordPress plugin before 7.1.5 does not properly escape some of its shortcodes' settings, making it possible for attackers with a Contributor account to conduct Stored XSS attacks.

PLUGIN Shortcodes Ultimate Pro

CVE-2024-4217

MEDIUM CVSS 4.7 2024-07-13

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2024-6766 - Shortcodes Ultimate Pro Plugin

CVE-2024-4217 - Shortcodes Ultimate Pro Plugin

Company Links

Contact Us