VYPR

Tj Shortcodes

by WordPress

CVEs (2)

  • CVE-2023-6530Jan 29, 2024
    risk 0.00cvss epss 0.00

    The TJ Shortcodes WordPress plugin through 0.1.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site…

  • CVE-2022-4787Jan 30, 2023
    risk 0.00cvss epss 0.00

    Themify Shortcodes WordPress plugin before 2.0.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.