|
1221
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Responsive Check plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rspcheck' shortcode in versions up to, and including, 0.0.3. This is due to insufficient input sanitiza…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8844
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1222
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Islamic Database plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'islamicDB-roqya' shortcode in versions up to, and including, 1.0. This is due to insufficient input san…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8845
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1223
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Tuxquote plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'TUXQUOTE' shortcode in versions up to, and including, 1.3. This is due to insufficient input sanitization and o…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8846
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1224
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Dideo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dideo' shortcode in version 1.0. This is due to insufficient input sanitization and output escaping on th…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8847
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1225
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The jQuery googleslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'googleslides' shortcode in all versions up to, and including, 1.3. This is due to insufficient input…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8866
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1226
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to in…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8867
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1227
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Single Mailchimp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'single-mailchimp' shortcode in all versions up to, and including, 1.4. This is due to insufficient inpu…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8868
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1228
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Mutual Funds Data plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' shortcode attribute in versions up to, and including, 1.2.1. This is due to insufficient input …
|
CWE-79
Cross-site Scripting
|
CVE-2026-8869
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1229
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Team Master – A Modern WordPress Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.1.2 due to insuff…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8870
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1230
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Formidable Kinetic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'kinetic_link' shortcode in versions up to, and including, 1.1.01. This is due to insufficient input s…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8871
|
2026-05-27 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
