Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/03/31 7:34 a.m.14 views

CVE-2025-2803

The So-Called Air Quotes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS7.9AI score0.00458EPSS
Exploits0References1
NVD
NVD
added 2025/03/29 7:15 a.m.8 views

CVE-2025-2803

The So-Called Air Quotes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS0.00458EPSS
Exploits0References3
CVE
CVE
added 2025/03/29 7:3 a.m.65 views

CVE-2025-2803

CVE-2025-2803 concerns the WordPress plugin “So-Called Air Quotes”. The description states unauthenticated attackers can trigger arbitrary shortcode execution in all versions up to 0.1 by exploiting a lack of proper validation before running do_shortcode, enabling shortcode execution without cred...

7.3CVSS7.8AI score0.00458EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/29 7:3 a.m.9 views

CVE-2025-2803 So-Called Air Quotes <= 0.1 - Unauthenticated Arbitrary Shortcode Execution

The So-Called Air Quotes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS7.6AI score0.00458EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/03/29 12:0 a.m.6 views

PT-2025-13608 · WordPress · So-Called Air Quotes

Name of the Vulnerable Software and Affected Versions: So-Called Air Quotes plugin for WordPress versions up to, and including, 0.1 Description: The issue allows unauthenticated attackers to execute arbitrary shortcodes due to the software not properly validating a value before running do...

7.3CVSS9.6AI score0.00458EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/03/29 12:0 a.m.2 views

WordPress plugin So-Called Air Quotes 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...

7.3CVSS8.8AI score0.00458EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/03/28 10:1 p.m.5 views

WordPress So-Called Air Quotes plugin <= 0.1 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Avraham Shemesh in WordPress Plugin So-Called Air Quotes versions = 0.1...

7.3CVSS7.1AI score0.00458EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder