Vulnerabilities > Custom Content Shortcode Project > Custom Content Shortcode > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-03-20	CVE-2023-0340	Unspecified vulnerability in Custom Content Shortcode Project Custom Content Shortcode The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. network low complexity custom-content-shortcode-project	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.