VYPR

List Child Pages Shortcode

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-58021MedSep 22, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in douglaskarr List Child Pages Shortcode list-child-pages-shortcode allows Stored XSS.This issue affects List Child Pages Shortcode: from n/a through <= 1.3.1.

  • CVE-2022-4757MedFeb 27, 2023
    risk 0.35cvss 5.4epss 0.00

    The List Pages Shortcode WordPress plugin before 1.7.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be…