Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/05/05 3:2 a.m.15 views

CVE-2024-13738

The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.6.65. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS7.7AI score0.0042EPSS
Exploits0References1
nvd
nvd
added 2025/05/03 3:15 a.m.15 views

CVE-2024-13738

The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.6.65. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS0.0042EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/05/03 2:21 a.m.8 views

CVE-2024-13738 Motors - Car Dealer, Rental & Listing WordPress theme <= 5.6.65 - Unauthenticated Arbitrary Shortcode Execution

The The Motors - Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.6.65. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS7.5AI score0.0042EPSS
Exploits0References3
cve
cve
added 2025/05/03 2:21 a.m.73 views

CVE-2024-13738

CVE-2024-13738 affects the WordPress theme “Motors – Car Dealer, Rental & Listing” for versions up to 5.6.65. The issue is an unauthenticated arbitrary shortcode execution caused by insufficient validation before running do_shortcode, enabling an attacker to run arbitrary shortcodes. Connected so...

7.3CVSS7.8AI score0.0042EPSS
Exploits0References3
patchstack
patchstack
added 2025/05/02 12:0 a.m.6 views

WordPress Motors Theme <= 5.6.65 is vulnerable to Content Injection

Software Motors Type Theme Vulnerable versions = 5.6.65 Fixed in 5.6.66 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-13738 Patch priority Medium CVSS severity Medium 7.3 Developer Claim ownership PSID 81285145e079 Credits Lucio Sá Required privilege Unauthenticated...

7.3CVSS6.8AI score0.0042EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder