Skip to content
August 20, 2025

Free Websites, share News and Posts publicly

Primary Menu
  • Registration free websites/as writer
  • Login
Live
  • Home
  • [New post] Shortcodes Ultimate Plugin Patches CSRF Vulnerability in Version 5.12.1
  • news

[New post] Shortcodes Ultimate Plugin Patches CSRF Vulnerability in Version 5.12.1

john kina October 13, 2022 2 min read
Site logo image Sarah Gooding posted: ” The Shortcodes Ultimate plugin, used on more than 700,000 WordPress sites for creating things like tabs, buttons, and accordions, has patched a vulnerability in version 5.12.1. The plugin’s changelog simply says, “This update fixes a security vulnerabili” WP Tavern

Shortcodes Ultimate Plugin Patches CSRF Vulnerability in Version 5.12.1

d12f506a8f9afba443178608fc9e2232?s=96&d=retro&r=R

Sarah Gooding

Oct 13

The Shortcodes Ultimate plugin, used on more than 700,000 WordPress sites for creating things like tabs, buttons, and accordions, has patched a vulnerability in version 5.12.1. The plugin’s changelog simply says, “This update fixes a security vulnerability in the shortcode generator. To the author’s credit, the changelog clearly denotes it as a security update, although it doesn’t offer specific details.

The vulnerability was reported by researcher Dave Jong at Patchstack and is logged at the National Vulnerability Database (NVD) as a Cross-Site Request Forgery (CSRF) vulnerability leading to plugin preset settings change. It was patched two weeks ago and the NVD published the advisory this week.

At this time, the vulnerability is not known to have been exploited, but users are advised to update to the latest version. Based on WordPress.org stats, 46% of the plugin’s user base is running on versions older than 5.12.x. The Shortcodes Ultimate plugin author has since released version 5.12.2, which fixes an issue with the Shortcode Generator Presets that was introduced in the previous update.

Comment

Unsubscribe to no longer receive posts from WP Tavern.
Change your email settings at manage subscriptions.

Trouble clicking? Copy and paste this URL into your browser:
https://wptavern.com/shortcodes-ultimate-plugin-patches-csrf-vulnerability-in-version-5-12-1

jp Powered by Jetpack
Download on the App Store Get it on Google Play

b.gif?blog=9006382&post=138591&subd=wptavern.com&ref=&email=1&email o=jetpack&host=jetpack.wordpresst.gif? ui=8ba62ef4a9e9a49d3fe3da3d5a99ce4d& ut=anon&email domain=gmail.com&blog id=9006382&post id=138591&date sent=2022 10 13&email id=266e32e7853dec1f80070c69113d1734&email name=new post&template=new post& en=wpcom email open&browser type=php agent& aua=wpcom tracks client v0

Chat read-only to anonymous users. Chat with Anyone and Anywhere. Only registered users are allowed to send messages.
Loading the chat ...
25604 Register Login

Continue Reading

Previous: Harley boss sees LiveWire listing giving him an edge – Stuff
Next: Cuba: New Personal Data Protection Law – GlobalComplianceNews

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

verde two
VERDE TWO Apartment sale
  • actress and actor
  • Afghanistan
  • airlines
  • amazon
  • America
  • android
  • apache
  • apple
  • Arab
  • australia
  • Australian Embassy
  • automotive
  • bahan bangunan
  • Bali island
  • Ban
  • banking
  • bearing
  • Brazil
  • Brunei Darussalam
  • business
  • canada
  • casino
  • China
  • cloud
  • cloudflare
  • cPanel
  • cruise
  • crypto currency
  • culture
  • currency
  • DNS
  • docker
  • eCommerce
  • economy
  • education
  • Email
  • Energy
  • england
  • entertainment
  • environment
  • Fashion
  • finance
  • Food
  • France
  • gaming
  • garden
  • Germany
  • golf
  • Golf indonesia
  • google
  • HarmonyOS
  • Health products
  • history
  • hospital
  • hotel restaurant
  • Huawei
  • human
  • IBM
  • IMF
  • india
  • Indonesia
  • instagram
  • internet
  • investment
  • Israel
  • Japan
  • jobs
  • kitchenware
  • korea
  • kubernetes
  • KVM
  • Leisure
  • limbah
  • Linux
  • Living style
  • Longhorn
  • lottery
  • machine
  • machine learning
  • machinery
  • Malaysia
  • manufacturing
  • mariadb
  • maritime
  • material building
  • medical
  • meta
  • Microsoft
  • music
  • MySQL
  • New Zealand
  • news
  • NFS
  • Nickel
  • nightclub
  • north korea
  • OBS
  • oil and gas
  • Pakistan
  • Palestine
  • Philippines
  • Photography
  • php
  • phpMyAdmin
  • private-jet
  • promotion products
  • real estate
  • Resort hotel
  • Russia
  • sanitary ware
  • search engine
  • Shopping Mal
  • singapore
  • Singapore Pools
  • software
  • south korea
  • sport
  • ssl
  • swiss
  • Technology
  • Thailand
  • tourism boards
  • travel
  • Turkish
  • Ubuntu
  • Uncategorized
  • United Arab Emirates
  • vietnam
  • virtualbox
  • virtualization
  • vmware
  • water products
  • whatsapp
  • WordPress
Register and posting news , your skills , knowledge , science , stories , experiences , etc
Copyright © All rights reserved. The tiatira is not responsible for the content of each writer / author , external sites. |