Medium severity4.7NVD Advisory· Published Jul 13, 2024· Updated Jun 17, 2026
CVE-2024-4217
CVE-2024-4217
Description
The shortcodes-ultimate-pro WordPress plugin before 7.1.5 does not properly escape some of its shortcodes' settings, making it possible for attackers with a Contributor account to conduct Stored XSS attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/shortcodes-ultimate-pro WordPress plugindescription
- Range: <7.1.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/55cb43bf-7c8f-4df7-b4de-bf2bb1c2766d/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.