CVE-2024-13812 – “Anps Theme Plugin WordPress Shortcode Injection Vulnerability”

April 26, 2025

CVE ID : CVE-2024-13812

Published : April 26, 2025, 9:15 a.m. | 2 hours, 49 minutes ago

Description : The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.1.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2101 – Edumall WordPress Local File Inclusion Vulnerability

Next Article CVE-2025-2851 – GL.iNet RPC Handler Buffer Overflow

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2024-13812 – “Anps Theme Plugin WordPress Shortcode Injection Vulnerability”

Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces

Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network

CVE-2025-4638 – PCL Zlib Inftrees Pointer Arithmetic Vulnerability

CVE-2024-51453 – IBM Sterling Secure Proxy Directory Traversal Vulnerability

I played Gears of War: Reloaded on the ROG Xbox Ally X, and it’s a fantastic experience that blew me away

CVE-2024-30113 – HCL Leap Cross-Site Scripting Vulnerability

OpenAI scientists wanted “a doomsday bunker” before AGI surpasses human intelligence and threatens humanity

Shiori is a simple bookmark manager

CVE-2025-49193 – Apache Struts Missing Security Headers Vulnerability

CVE-2025-49576 – Citizen is a MediaWiki skin that makes extensions

CVE-2024-13812 – “Anps Theme Plugin WordPress Shortcode Injection Vulnerability”

Related Posts