876 matches found
PT-2025-36571
Name of the Vulnerable Software and Affected Versions: The WP-Members Membership Plugin versions prior to 3.5.4.3 Description: The WP-Members Membership Plugin is susceptible to arbitrary shortcode execution. This occurs because the software does not properly validate a value before running do...
CVE-2025-7366
The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 19.9.7. This is due to the software allowing users to execute an action that does not properly validate a value befor...
CVE-2025-7366
The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 19.9.7. This is due to the software allowing users to execute an action that does not properly validate a value befor...
CVE-2025-7366
The CVE-2025-7366 entry concerns the REHub - Price Comparison, Multi Vendor Marketplace WordPress Theme. According to multiple sources in the connected documents, versions up to and including 19.9.7 are affected by an unauthenticated arbitrary shortcode execution flaw triggered via re_filterpost,...
CVE-2025-7366 Rehub <= 19.9.7 - Unauthenticated Arbitrary Shortcode Execution via re_filterpost
The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 19.9.7. This is due to the software allowing users to execute an action that does not properly validate a value befor...
CVE-2025-7366 Rehub <= 19.9.7 - Unauthenticated Arbitrary Shortcode Execution via re_filterpost
The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 19.9.7. This is due to the software allowing users to execute an action that does not properly validate a value befor...
PT-2025-36347
Name of the Vulnerable Software and Affected Versions: The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme versions prior to 19.9.8 Description: The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme for WordPress is susceptible to arbitrary shortcode execution...
WordPress Rehub theme <= 19.9.7 - Unauthenticated Arbitrary Shortcode Execution via re_filterpost vulnerability
Unauthenticated Arbitrary Shortcode Execution via refilterpost vulnerability discovered by stealthcopter in WordPress Theme Rehub versions = 19.9.7...
CVE-2025-8878
The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.4. This is due to the software allowing users to execute an...
CVE-2025-8105
The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.6.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2025-8878
The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.4. This is due to the software allowing users to execute an...
CVE-2025-8105
The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.6.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2025-8105 Soledad <= 8.6.7 - Unauthenticated Arbitrary Shortcode Execution
The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.6.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2025-8878
CVE-2025-8878 affects the Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress for WordPress. Affected versions are all up to 4.16.4. Root cause: unauthenticated user-supplied input is not properly validated before executing do_shor...
CVE-2025-8105
CVE-2025-8105 relates to the Soledad WordPress theme (versions ≤ 8.6.7). The vulnerability allows unauthenticated attackers to trigger arbitrary shortcode execution via do_shortcode due to insufficient value validation. Multiple sources (Wordfence, NVD, patched advisories) confirm the issue and i...
CVE-2025-8878 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.4 - Unauthenticated Arbitrary Shortcode Execution
The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.4. This is due to the software allowing users to execute an...
CVE-2025-8105 Soledad <= 8.6.7 - Unauthenticated Arbitrary Shortcode Execution
The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.6.7. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2025-8878 Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress <= 4.16.4 - Unauthenticated Arbitrary Shortcode Execution
The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.4. This is due to the software allowing users to execute an...
WordPress Soledad theme <= 8.6.7 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Theme Soledad versions = 8.6.7...
PT-2025-33593 · WordPress · Profilepress
Name of the Vulnerable Software and Affected Versions: ProfilePress versions prior to 4.16.5 Description: The ProfilePress WordPress plugin is susceptible to arbitrary shortcode execution. The software does not properly validate a value before running do shortcode, allowing unauthenticated...