← Back

Wp D3

wp-d3

Vendor: Wp D3 Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-0536
1Wp D3 Project
1Wp D3
Jun 17, 2026
May 8, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
The Wp-D3 WordPress plugin through 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor...Show more
The Wp-D3 WordPress plugin through 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.Show less
CVE-2016-10946
1Wp D3 Project
1Wp D3
Nov 21, 2024
Sep 13, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
The wp-d3 plugin before 2.4.1 for WordPress has CSRF.