Shortcodes Ultimate 8

To plugin page Claim VDP

WordPress Shortcodes Ultimate Plugin <= 5.12.6 is vulnerable to Arbitrary File Download

Patch immediately High priority

Not known to be exploited Report an attack

7.1

High severity CVSS 3.1 score

Protect your sites with automated security

Enable Protection

Patchstack Professional users are protected since 09.12.2022

Enable Protection

Solution

Fixed

Update the WordPress Shortcodes Ultimate plugin to the latest available version (at least 5.12.7).

Rafie Muhammad (Patchstack) discovered and reported this Arbitrary File Download vulnerability in WordPress Shortcodes Ultimate Plugin. This could allow a malicious actor to download any file from your website. This includes but is not limited to files that contain login credentials or backup files. This vulnerability has been fixed in version 5.12.7.

Other vulnerabilities in this plugin

0 present

8 patched

View all