cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-0168,https://securityvulnerability.io/vulnerability/CVE-2023-0168,Olevmedia Shortcodes <= 1.1.9 - Contributor+ Stored XSS,"The Olevmedia Shortcodes WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.",Wordpress,Olevmedia Shortcodes,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2023-02-27T16:15:00.000Z,0
CVE-2015-9421,https://securityvulnerability.io/vulnerability/CVE-2015-9421,,The olevmedia-shortcodes plugin before 1.1.9 for WordPress has CSRF with resultant XSS via the wp-admin/admin-ajax.php?action=omsc_popup id parameter.,Wordpress,Olevmedia Shortcodes,6.5,MEDIUM,0.0021299999207258224,false,,false,false,false,,false,false,2019-09-26T00:08:30.000Z,0