Wp D3 Project

wp-d3_project

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Wp D3

wp-d3

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-0536 1Wp D3 Project 1Wp D3 Jun 17, 2026 May 8, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Wp-D3 WordPress plugin through 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor...Show more The Wp-D3 WordPress plugin through 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.Show less
CVE-2016-10946 1Wp D3 Project 1Wp D3 Nov 21, 2024 Sep 13, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The wp-d3 plugin before 2.4.1 for WordPress has CSRF.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-0536

1Wp D3 Project

1Wp D3

Jun 17, 2026

May 8, 2023

N/A· v4

5.4 MEDIUM· v3

N/A· v2

The Wp-D3 WordPress plugin through 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor...Show more

CVE-2016-10946

1Wp D3 Project

1Wp D3

Nov 21, 2024

Sep 13, 2019

N/A· v4

8.8 HIGH· v3

6.8 MEDIUM· v2

The wp-d3 plugin before 2.4.1 for WordPress has CSRF.