Vulnerabilities > Getshortcodes > Shortcodes Ultimate > High

DATE CVE VULNERABILITY TITLE RISK
2022-11-08 CVE-2022-41136 Cross-Site Request Forgery (CSRF) vulnerability in Getshortcodes Shortcodes Ultimate
Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Vladimir Anokhin's Shortcodes Ultimate plugin <= 5.12.0 on WordPress.
network
low complexity
getshortcodes CWE-352
8.8
2019-08-22 CVE-2017-18580 Improper Input Validation vulnerability in Getshortcodes Shortcodes Ultimate
The shortcodes-ultimate plugin before 5.0.1 for WordPress has remote code execution via a filter in a meta, post, or user shortcode.
network
low complexity
getshortcodes CWE-20
7.5