Skip to main content

Wp Matterport Shortcode

3 CVEs product

Monthly

CVE-2023-4290 MEDIUM POC This Month

The WP Matterport Shortcode WordPress plugin before 2.1.7 does not escape the PHP_SELF server variable when outputting it in attributes, leading to Reflected Cross-Site Scripting issues which could. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Matterport Shortcode
NVD WPScan
CVSS 3.1
6.1
EPSS
0.4%
CVE-2023-4289 MEDIUM POC This Month

The WP Matterport Shortcode WordPress plugin before 2.1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Matterport Shortcode
NVD WPScan
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-35094 MEDIUM POC This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Wp Matterport Shortcode
NVD
CVSS 3.1
5.4
EPSS
0.4%
EPSS 0% CVSS 6.1
MEDIUM POC This Month

The WP Matterport Shortcode WordPress plugin before 2.1.7 does not escape the PHP_SELF server variable when outputting it in attributes, leading to Reflected Cross-Site Scripting issues which could. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Matterport Shortcode
NVD WPScan
EPSS 0% CVSS 5.4
MEDIUM POC This Month

The WP Matterport Shortcode WordPress plugin before 2.1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Matterport Shortcode
NVD WPScan
EPSS 0% CVSS 5.4
MEDIUM POC This Month

Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Wp Matterport Shortcode
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy