The WP Shortcodes Plugin — Shortcodes Ultimate is a plugin for WordPress websites that can be vulnerable to Stored Cross-Site Scripting. This vulnerability affects all versions up to and including 7.0.0 and is caused by not properly sanitizing input data and not properly escaping output data from user inputs. This means that anyone with certain levels of access to the website can inject malicious code into pages that will be executed when users visit those pages.