|
1411
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to in…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8867
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1412
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Single Mailchimp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'single-mailchimp' shortcode in all versions up to, and including, 1.4. This is due to insufficient inpu…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8868
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1413
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Animate Your Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animation-set' shortcode in versions up to, and including, 1.0.0. This is due to insuffici…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8872
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1414
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Easy Prism Syntax Highlighter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'code' (and 'c') shortcode in versions up to, and including, 1.0.2. This is due to…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8875
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1415
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Responsive Video Embedder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rem_video' shortcode in versions up to, and including, 0.1. This is due to insufficient input …
|
CWE-79
Cross-site Scripting
|
CVE-2026-8877
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1416
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Instant-Quote.co Quotation Page plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.3.4 due to insufficient input sa…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8884
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1417
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The hk_shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title-plane' shortcode in versions up to, and including, 1.0. This is due to insufficient input sanitizatio…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8886
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1418
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Listen Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'listen' shortcode in versions up to, and including, 1.0. This is due to insufficient input sanitization…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8887
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1419
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The BitForm plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bitform' shortcode in versions up to, and including, 1.1.0. This is due to insufficient input sanitizat…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8891
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1420
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The iWR Tooltip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `iwrtooltip` shortcode in versions up to, and including, 1.0. This is due to insufficient input sani…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8894
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
