5 matches found
CVE-2025-1510
The The Custom Post Type Date Archives plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.7.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...
CVE-2025-1510 Custom Post Type Date Archives <= 2.7.1 - Missing Authorization to Unauthenticated Arbitrary Shortcode Execution
The The Custom Post Type Date Archives plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.7.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it...
WordPress plugin Custom Post Type Date Archives 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code injection vulnerability exis...
PT-2025-7518 · WordPress · Custom Post Type Date Archives
Name of the Vulnerable Software and Affected Versions: The Custom Post Type Date Archives plugin for WordPress versions up to, and including, 2.7.1 Description: The Custom Post Type Date Archives plugin for WordPress is vulnerable to arbitrary shortcode execution. This issue arises because the...
WordPress Custom Post Type Date Archives plugin <= 2.7.1 - Missing Authorization to Unauthenticated Arbitrary Shortcode Execution vulnerability
Missing Authorization to Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Krzysztof Zając in WordPress Plugin Custom Post Type Date Archives versions = 2.7.1...