PT-2025-38971 · Unknown · Last Updated Shortcode

Published

2025-09-22

Updated

2025-09-24

CVE-2025-58683

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Last Updated Shortcode versions through 1.0.1

Description The Last Updated Shortcode software contains a flaw related to improper input handling during web page creation, which allows for Stored Cross-site Scripting (XSS). This means that malicious code can be injected into web pages, potentially affecting users who view those pages. The issue allows for the execution of arbitrary scripts within the context of a user's browser.

Recommendations Update Last Updated Shortcode to a version later than 1.0.1.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-58683

Affected Products

Last Updated Shortcode

PT-2025-38971 · Unknown · Last Updated Shortcode

CVE-2025-58683

Weakness Enumeration

Related Identifiers

Affected Products

References · 4