The Shortcode Menu plugin for WordPress is not secure on versions up to and including 3.2. This plugin allows users with contributor-level or higher permissions to add web scripts to pages which will be executed when someone accesses the page. Unfortunately, the plugin does not properly sanitize or escape user input, making it vulnerable to attack.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
