Vulnerabilities protected by our Stored Cross-Site Scripting via Shortcode firewall rule

2,159
Attacks Blocked in Past 24 Hours

Showing 401-420 of 493 Vulnerabilities

Title CVE ID CVSS Vector Date
vSlider Multi Image Slider <= 4.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-25797 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 15, 2023
Ultimate WP Query Search Filter <= 1.0.10 - Authenticated (Contributor+) Stored Cross Site Scripting CVE-2023-23832 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 15, 2023
Ocean Extra <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-24399 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 14, 2023
Advanced Recent Posts <= 0.6.14 - Authenticated (Contributor+) Stored Cross Site Scripting via Shortcode CVE-2023-0212 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 13, 2023
UpQode Google Maps <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0094 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 13, 2023
Download Attachments <= 1.2.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0076 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 13, 2023
Product GTIN (EAN, UPC, ISBN) for WooCommerce <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0068 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 13, 2023
WPaudio MP3 Player <= 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0069 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 13, 2023
i2 Pros & Cons <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2023-0065 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 13, 2023
WordPress Shortcodes <= 1.6.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0063 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 13, 2023
Shortcodes Ultimate <= 5.12.6 - Authenticated (Contributor+) Stored Cross Site Scripting CVE-2023-25040 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 10, 2023
Scriptless Social Sharing <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Options CVE-2023-0377 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 9, 2023
Yellow Yard Searchbar <= 2.7.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-1110 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 7, 2023
Icegram Collect <= 1.3.8 - Authenticated(Contributor+) Cross-Site Scripting via Shortcode CVE-2023-25024 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 6, 2023
Quebely <= 1.8.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'className' Block Option CVE-2023-0376 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 6, 2023
VK All in One Expansion Unit <= 9.85.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0230 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 3, 2023
Galleries by Angie Makes <= 1.67 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2022-4795 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 2, 2023
Ocean Extra <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-23891 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 1, 2023
Wufoo Shortcode <= 1.51 - Authenticated (Contributor+) Cross-Site Scripting via Shortcodes CVE-2022-4679 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 1, 2023
Donation Block For PayPal <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2023-0535 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N February 1, 2023

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation