6 matches found
CVE-2024-9581
The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-9581
The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-9581
The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-9581 Shortcodes AnyWhere <= 1.0.1 - Unauthenticated Arbitrary Shortcode Execution
The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-9581
CVE-2024-9581 affects the WordPress plugin Shortcodes AnyWhere. The vulnerability is an unauthenticated arbitrary shortcode execution via do_shortcode due to improper value validation in all versions up to 1.0.1. Connected sources confirm this as an active issue (unpatched in Wordfence/NVD entrie...
WordPress Shortcodes AnyWhere Plugin <= 1.0.1 is vulnerable to Content Injection
Software Shortcodes AnyWhere Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-9581 Patch priority Medium CVSS severity Medium 7.3 Developer Claim ownership PSID 9c5d59c3c6ea Credits Francesco Carlucci Required privilege...