CVE-2024-12333
CVSS 3.1 Score 6.5 of 10 (medium)
Details
Published Dec 12, 2024
CWE ID 94
Summary
CVE-2024-12333: The Woodmart theme for WordPress, versions up to 8.0.3, is susceptible to arbitrary shortcode execution. This vulnerability arises due to the theme's failure to adequately validate user input before processing it through the 'do_shortcode' function via the 'woodmart_instagram_ajax_query' AJAX action. As a result, unauthenticated attackers can manipulate and execute any arbitrary shortcode they desire.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share