Paultgoodchild Shield: Blocks Bots, Protects Users, And Prevents Security Breaches
8 CVEs affecting Paultgoodchild Shield: Blocks Bots, Protects Users, And Prevents Security Breaches. Latest disclosed: 2026-02-19. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-6989 | Critical | 9.8 | 2024-02-05 | The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and… |
CVE-2023-0992 | High | 7.2 | 2023-06-09 | The Shield Security plugin for WordPress is vulnerable to stored Cross-Site Scripting in versions up to, and including, 17.0.17 via the 'User-Agent' header. Th… |
CVE-2026-0722 | Medium | 6.5 | 2026-02-19 | The Shield Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 21.0.8. This is due to the plugin al… |
CVE-2026-0561 | Medium | 6.1 | 2026-02-19 | The Shield Security plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 21.0… |
CVE-2025-14427 | Medium | 4.3 | 2026-02-19 | The Shield Security: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to unauthorized modification of data due to… |
CVE-2025-15370 | Medium | 4.3 | 2026-01-16 | The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions… |
CVE-2024-4344 | Medium | 4.3 | 2024-06-02 | The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to… |
CVE-2023-0993 | Medium | 4.3 | 2023-06-09 | The Shield Security plugin for WordPress is vulnerable to Missing Authorization on the 'theme-plugin-file' AJAX action in versions up to, and including, 17.0.1… |