4 matches found
CVE-2025-2805
creationtimestamp| type| source ---|---|--- 2025-04-10 09:32:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmh73txgjl2q 2025-04-10 10:31:20+00:00| seen| Telegram/YDvcAPdlvLvCcoAwvz9gU9VvCprHDRzeT4kOSIV0t5J2ank...
CVE-2025-2805 ORDER POST <= 2.0.2 - Unauthenticated Arbitrary Shortcode Execution
The ORDER POST plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2025-2805
CVE-2025-2805 is an unauthenticated arbitrary shortcode execution in the ORDER POST WordPress plugin (versions up to 2.0.2). The root cause is improper validation before running do_shortcode, enabling attackers to execute arbitrary shortcodes. Wordfence & the CVE entry list this as a high-severit...
CVE-2025-2805 ORDER POST <= 2.0.2 - Unauthenticated Arbitrary Shortcode Execution
The ORDER POST plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...