cleantalk
Vulnerabilities and Security Researches

ShortcodeHub – MultiPurpose Shortcode Builder, 4e01f5fcb2f007d80c17901d762fa3246d101dcc

CVE, Research URL

4e01f5fcb2f007d80c17901d762fa3246d101dcc

Home page URL

Security reports for ShortcodeHub – MultiPurpose Shortcode Builder

Application

ShortcodeHub – MultiPurpose Shortcode Builder

Published on
Jul 19, 2023
Research Description
ShortcodeHub &#8211; MultiPurpose Shortcode Builder [shortcodehub] < 1.4.0 WordPress ShortcodeHub - MultiPurpose Shortcode Builder Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS) Update the WordPress ShortcodeHub - MultiPurpose Shortcode Builder plugin to the latest available version. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress ShortcodeHub - MultiPurpose Shortcode Builder Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 1.4.0.
Affected versions
Min -, max 1.4.0.
Status
vulnerable
Previous vulnerability researches
ShortcodeHub &#8211; MultiPurpose Shortcode Builder (CVE-2025-7957) , Aug 23, 2025
ShortcodeHub &#8211; MultiPurpose Shortcode Builder (4e01f5fcb2f007d80c17901d762fa3246d101dcc) , Jun 07, 2024
New vulnerability
Яндекс.ПДС Пингер / Yandex Site search pinger (CVE-2025-48352) , Aug 24, 2025
Link View (CVE-2025-49039) , Aug 24, 2025
WP Fast Total Search &#8211; The Power of Indexed Search (CVE-2025-57893) , Aug 24, 2025
Recurring PayPal Donations (CVE-2025-57891) , Aug 24, 2025
Church Admin (CVE-2025-57896) , Aug 24, 2025