VYPR

Security Shield 2010

by Getshieldsecurity

CVEs (6)

  • CVE-2026-0722MedFeb 19, 2026
    risk 0.42cvss 6.5epss 0.00

    The Shield Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 21.0.8. This is due to the plugin allowing nonce verification to be bypassed via user-supplied parameter in the 'isNonceVerifyRequired' function. This makes…

  • CVE-2022-41650MedFeb 17, 2026
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in Paul Custom Content by Country (by Shield Security) custom-content-by-country.This issue affects Custom Content by Country (by Shield Security): from n/a through 3.1.2.

  • CVE-2026-0561MedFeb 19, 2026
    risk 0.40cvss 6.1epss 0.00

    The Shield Security plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 21.0.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to…

  • CVE-2025-14427MedFeb 19, 2026
    risk 0.28cvss 4.3epss 0.00

    The Shield Security: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `MfaEmailDisable` action in all versions up to, and including, 21.0.9. This makes it…

  • CVE-2025-15370MedJan 16, 2026
    risk 0.21cvss 4.3epss 0.00

    The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 21.0.9 via the MfaGoogleAuthToggle class due to missing validation on a user controlled key. This…

  • CVE-2010-5176Aug 25, 2012
    risk 0.00cvss epss 0.00

    Race condition in Security Shield 2010 13.0.16.313 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory…