Vulnerabilities > Getshortcodes > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-08 | CVE-2022-41136 | Cross-Site Request Forgery (CSRF) vulnerability in Getshortcodes Shortcodes Ultimate Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Vladimir Anokhin's Shortcodes Ultimate plugin <= 5.12.0 on WordPress. | 8.8 |
2019-08-22 | CVE-2017-18580 | Improper Input Validation vulnerability in Getshortcodes Shortcodes Ultimate The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode. | 7.5 |