Lucene search
K

4 matches found

Circl
Circl
added 2025/04/10 9:32 a.m.9 views

CVE-2025-2805

creationtimestamp| type| source ---|---|--- 2025-04-10 09:32:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmh73txgjl2q 2025-04-10 10:31:20+00:00| seen| Telegram/YDvcAPdlvLvCcoAwvz9gU9VvCprHDRzeT4kOSIV0t5J2ank...

7.3CVSS8.7AI score0.00453EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/10 7:2 a.m.8 views

CVE-2025-2805 ORDER POST <= 2.0.2 - Unauthenticated Arbitrary Shortcode Execution

The ORDER POST plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS7.6AI score0.00453EPSS
Exploits0References3
CVE
CVE
added 2025/04/10 7:2 a.m.72 views

CVE-2025-2805

CVE-2025-2805 is an unauthenticated arbitrary shortcode execution in the ORDER POST WordPress plugin (versions up to 2.0.2). The root cause is improper validation before running do_shortcode, enabling attackers to execute arbitrary shortcodes. Wordfence & the CVE entry list this as a high-severit...

7.3CVSS7.6AI score0.00453EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/10 7:2 a.m.27 views

CVE-2025-2805 ORDER POST <= 2.0.2 - Unauthenticated Arbitrary Shortcode Execution

The ORDER POST plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.2. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

7.3CVSS0.00453EPSS
Exploits0References3
Rows per page
Query Builder