WordPress Plugin Vulnerabilities

Forget About Shortcode Buttons <= 1.1.1 - XSS

Description

The Forget About Shortcode Buttons WordPress plugin was affected by a XSS security vulnerability.

Affects Plugins

Plugin icon
forget-about-shortcode-buttons
Fixed in 1.1.2

References

CVE
CVE-2016-1000133
URL
http://www.vapidlabs.com/wp/wp_advisory.php?v=602

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
d7a3e6d3-75d5-4e7c-82c6-797c467de4c4

Timeline

Publicly Published
2016-02-29 (about 10 years ago)
Added
2019-08-23 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-01-13
Title
moseter <= 1.3.1 - Reflected Cross-Site Scripting
Published
2024-02-14
Title
Custom Field Template < 2.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via $search_label
Published
2023-01-30
Title
GS Filterable Portfolio < 1.6.1 - Contributor+ Stored XSS
Published
2025-12-31
Title
WebMan Amplifier < 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2025-03-28
Title
YouTube SimpleGallery <= 2.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting