Webliberty

webliberty

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Simple Spoiler

simple_spoiler

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-8479 1Webliberty 1Simple Spoiler Jun 17, 2026 Sep 14, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. This is due to the plugin adding the filter add_filter('comment_text', 'do_shortcode'); which will run al...Show more The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. This is due to the plugin adding the filter add_filter('comment_text', 'do_shortcode'); which will run all shortcodes in comments. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-8479

1Webliberty

1Simple Spoiler

Jun 17, 2026

Sep 14, 2024

N/A· v4

7.3 HIGH· v3

N/A· v2

The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. This is due to the plugin adding the filter add_filter('comment_text', 'do_shortcode'); which will run all shortcodes in comments. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.Show less