CVE-2025-10125
- EPSS 0.03%
- Veröffentlicht 17.09.2025 04:01:15
- Zuletzt bearbeitet 17.09.2025 14:18:55
The Memberlite Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugins's 'row' shortcode in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping on user supplied attrib...
CVE-2024-11227
- EPSS 0.15%
- Veröffentlicht 23.11.2024 10:15:04
- Zuletzt bearbeitet 23.11.2024 10:15:04
The Memberlite Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's memberlite_accordion shortcode in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping on user...
CVE-2023-5237
- EPSS 0.49%
- Veröffentlicht 31.10.2023 14:15:12
- Zuletzt bearbeitet 22.04.2025 20:15:27
The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scri...