CVE-2024-13812 – “Anps Theme Plugin WordPress Shortcode Injection Vulnerability”

April 26, 2025

CVE ID : CVE-2024-13812

Published : April 26, 2025, 9:15 a.m. | 2 hours, 49 minutes ago

Description : The The Anps Theme plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.1.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-2101 – Edumall WordPress Local File Inclusion Vulnerability

Next Article CVE-2025-2851 – GL.iNet RPC Handler Buffer Overflow

Highlights

CVE-2025-47944 – Multer Denial of Service

May 19, 2025

CVE ID : CVE-2025-47944

Published : May 19, 2025, 8:15 p.m. | 2 hours, 33 minutes ago

Description : Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.0 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request causes an unhandled exception, leading to a crash of the process. Users should upgrade to version 2.0.0 to receive a patch. No known workarounds are available.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Databricks adds new tools like Lakebase, Lakeflow Designer, and Agent Bricks to better support building AI apps and agents in the enterprise

Zencoder launches end-to-end UI testing agent

OpenAI CEO Sam Altman claims “ChatGPT is already more powerful than any human who has ever lived”

Apple Intelligence delay: A clash of two architectures and trivial AI features fell short of standards and expectations

Ambrosia Sky is a gorgeous science-fiction game that’s all about death, and I can’t wait to play more

3 secrets of PowerToys on Windows 11 that you’ll wish you already knew

[EcjoJS Meta] Content discussion

[EcjoJS Meta] Content discussion

Accessibility, Inclusive Design, and Universal Design Work Together

An “Inconceivable” Conversation With Dr. Pete Cornwell on Simple vs. Agentic AI

OpenAI CEO Sam Altman claims “ChatGPT is already more powerful than any human who has ever lived”

OpenAI CEO Sam Altman claims “ChatGPT is already more powerful than any human who has ever lived”

Apple Intelligence delay: A clash of two architectures and trivial AI features fell short of standards and expectations

Ambrosia Sky is a gorgeous science-fiction game that’s all about death, and I can’t wait to play more

CVE-2024-13812 – “Anps Theme Plugin WordPress Shortcode Injection Vulnerability”

Urgent: CVE-2025–47273 Exposes Python SetupTools — Here’s How to Stay Secure

Google Pixel 10 to Embrace Qi2 Wireless Charging with New “Pixelsnap” Accessories

Customize URL Handling with Laravel’s Macroable URI Class

October is the Cyber Security Month: stats, events and advice

Windows 11 24H2 April 2025 Update fixes File Explorer menu opening in opposite direction

Distribution Release: T2 SDE 25.4

CVE-2025-47944 – Multer Denial of Service

How to choose the best HP laptop: OmniBook, EliteBook, OMEN, ZBook, and more

CVE-2025-3821 – SourceCodester Web-based Pharmacy Product Management System Cross-Site Scripting Vulnerability

Meet Rowboat: An Open-Source IDE for Building Complex Multi-Agent Systems

CVE-2024-13812 – “Anps Theme Plugin WordPress Shortcode Injection Vulnerability”

Related Posts