CVE-2024-3548

Name of the Vulnerable Software and Affected Versions WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin versions prior to 7.1.2

Description The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page. This could be exploited against high-privilege users, such as administrators.

Recommendations For WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin versions prior to 7.1.2, update to version 7.1.2 or later to resolve the issue.