CVE-2024-9581

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-9581 Shortcodes AnyWhere <= 1.0.1 - Unauthenticated Arbitrary Shortcode Execution

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-9581

CVE-2024-9581 affects the WordPress plugin Shortcodes AnyWhere. The vulnerability is an unauthenticated arbitrary shortcode execution via do_shortcode due to improper value validation in all versions up to 1.0.1. Connected sources confirm this as an active issue (unpatched in Wordfence/NVD entrie...

WordPress plugin Shortcodes AnyWhere 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A code injection vulnerability exists in the...

WordPress Shortcodes AnyWhere plugin <= 1.0.1 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Francesco Carlucci in WordPress Plugin Shortcodes AnyWhere versions = 1.0.1...