Shield Security

Paul

Developer

21.2.6

Latest version

40,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

11 patched

7 Mitigation rules

Unauthenticated Reflected Cross-Site Scripting via 'message' Parameter vulnerability
<= 21.0.8
23/02/2026
Cross-Site Request Forgery to SQL Injection vulnerability
<= 21.0.8
19/02/2026
Missing Authorization to Authenticated (Subscriber+) Email MFA Update vulnerability
<= 21.0.9
19/02/2026
Authenticated (Subscriber+) Insecure Direct Object Reference to Disable Google Authenticator vulnerability
<= 21.0.9
15/01/2026
Reflected XSS vulnerability
< 20.0.6
26/08/2024
Cross-Site Request Forgery vulnerability
<= 19.1.10
03/06/2024
Unauthenticated Local File Inclusion vulnerability
<= 18.5.9
05/02/2024
Unauthenticated Stored Cross Site Scripting (XSS) vulnerability
<= 18.5.7
16/01/2024
Unauth. Stored Cross-Site Scripting (XSS) vulnerability
<= 17.0.17
25/04/2023
Missing Authorization vulnerability
<= 17.0.17
25/04/2023
Stored Cross-Site Scripting (XSS) vulnerability
<= 13.0.5
19/01/2022