4 matches found
CVE-2024-13557
The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.1.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...
CVE-2024-13557
creationtimestamp| type| source ---|---|--- 2025-03-29 07:28:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9536 2025-03-29 10:29:02+00:00| seen| https://t.me/cvedetector/21508 2025-03-29 23:25:32+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114248301386235895 2025-03-29...
CVE-2024-13557
CVE-2024-13557 affects the Shortcodes by United Themes plugin for WordPress. All versions up to 5.1.6 are vulnerable to unauthenticated arbitrary shortcode execution because do_shortcode can be invoked without proper input validation. The impact is ability to execute arbitrary shortcodes, with no...
CVE-2024-13557 Shortcodes by United Themes <= 5.1.6 - Unauthenticated Arbitrary Shortcode Execution
The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.1.6. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...