6 matches found
CVE-2024-13453
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-13453
creationtimestamp| type| source ---|---|--- 2025-01-30 11:15:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113917016519417074 2025-01-30 11:15:51+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxeabt7yy2n 2025-01-30 13:11:29+00:00| seen|...
CVE-2024-13453
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-13453 Contact Form & SMTP Plugin for WordPress by PirateForms <= 2.6.0 - Unauthenticated Arbitrary Shortcode Execution
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...
CVE-2024-13453
CVE-2024-13453 – WordPress PirateForms plugin vulnerability (CVE summary) The WordPress plugin “Contact Form & SMTP Plugin for WordPress by PirateForms” (up to version 2.6.0) allows unauthenticated attackers to trigger arbitrary shortcodes through an action that calls do_shortcode without proper ...
CVE-2024-13453 Contact Form & SMTP Plugin for WordPress by PirateForms <= 2.6.0 - Unauthenticated Arbitrary Shortcode Execution
The The Contact Form & SMTP Plugin for WordPress by PirateForms plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.6.0. This is due to the software allowing users to execute an action that does not properly validate a value before running...