EUVD-2025-13473

Malicious code in bioql PyPI...

CVE-2025-2802 LayoutBoxx <= 0.3.1 - Unauthenticated Arbitrary Shortcode Execution

The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.3.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2025-2802 LayoutBoxx <= 0.3.1 - Unauthenticated Arbitrary Shortcode Execution

The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.3.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2025-2802

CVE-2025-2802 (LayoutBoxx) : The WordPress LayoutBoxx plugin (versions ≤ 0.3.1) is vulnerable to unauthenticated arbitrary shortcode execution due to improper validation before do_shortcode. Reported CVSSv3.1 base score 7.3 (HIGH). Patch status in provided docs is Unpatched; no fix version is giv...

PT-2025-19832 · WordPress · Layoutboxx

Name of the Vulnerable Software and Affected Versions: LayoutBoxx plugin for WordPress versions up to and including 0.3.1 Description: The issue allows unauthenticated attackers to execute arbitrary shortcodes due to the software not properly validating a value before running do shortcode. This...

WordPress plugin LayoutBoxx 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...