github getgrav/grav-plugin-shortcode-core 6.2.2

3 hours ago

Bugfix

  • [security] Shortcode parameters that set an element's color, size, id, class or style are now escaped when written into the page, closing a stored cross-site scripting hole where a crafted value could break out of the attribute and run script in a visitor's or an administrator's browser (GHSA-q5fw-vpqc-fgph).

Don't miss a new grav-plugin-shortcode-core release

NewReleases is sending notifications on new releases.