Vulnerabilities > Getshortcodes

DATE CVE VULNERABILITY TITLE RISK
2022-10-11 CVE-2022-38086 Unspecified vulnerability in Getshortcodes Shortcodes Ultimate
Cross-Site Request Forgery (CSRF) vulnerability in Shortcodes Ultimate plugin <= 5.12.0 at WordPress leading to plugin preset settings change.
network
low complexity
getshortcodes
4.3
2021-09-20 CVE-2021-24525 Cross-site Scripting vulnerability in Getshortcodes Shortcodes Ultimate
The Shortcodes Ultimate WordPress plugin before 5.10.2 allows users with Contributor roles to perform stored XSS via shortcode attributes.
network
low complexity
getshortcodes CWE-79
5.4
2019-08-22 CVE-2017-18580 Improper Input Validation vulnerability in Getshortcodes Shortcodes Ultimate
The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode.
network
low complexity
getshortcodes CWE-20
critical
9.8
2017-07-07 CVE-2017-2245 Path Traversal vulnerability in Getshortcodes Shortcodes Ultimate
Directory traversal vulnerability in Shortcodes Ultimate prior to version 4.10.0 allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
getshortcodes CWE-22
5.0