WordPress versions up to and including 6.2.1 have a security vulnerability in the way it processes shortcodes in user-generated content in block themes. This could give malicious actors the ability to execute shortcodes in comments or other content, even if they do not have the required Subscriber or Contributor-level permissions. On its own, this vulnerability may not have a huge impact, but it can make other existing vulnerabilities much more severe.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)
