2 matches found
CVE-2025-2801
CVE-2025-2801 concerns the WordPress plugin abcsubmit (WordPress Form Builder) , where versions up to and including 1.2.4 are vulnerable. The root cause is improper validation before running the WordPress shortcode handler, allowing unauthenticated attackers to execute arbitrary shortcodes . Docu...
WordPress Form Builder plugin <= 1.2.4 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Avraham Shemesh in WordPress Plugin Form Builder versions = 1.2.4...