CVE-2024-13738 – “Motors Car Dealer, Rental & Listing WordPress Theme Shortcode Execution Vulnerability”

May 3, 2025

CVE ID : CVE-2024-13738

Published : May 3, 2025, 3:15 a.m. | 2 hours, 15 minutes ago

Description : The The Motors – Car Dealer, Rental & Listing WordPress theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.6.65. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

*It is unclear exactly which version the issue was patched in from the changelog. Therefore, we used the latest version at the time of verification.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-3779 – WordPress Personizely Stored Cross-Site Scripting

Next Article Pinot is a real-time analytics platform

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

My top gaming laptop of 2024 defended its crown with a redesign, but lost one of my favorite features

“I do agree that Diablo 4 still has a lot of untapped potential,” Diablo 4 developers discuss Season 8 themes, their evolving developer philosophy, and more

Thanks to Xbox’s price hike, the Series S is now more expensive than the PS5

Elden Ring Nightreign classes: All 8 Nightfarer characters in FromSoftware’s co-op spinoff explained

Diabetes Detection System using PHP and MYSQL

Diabetes Detection System using PHP and MYSQL

Perficient is Headed to Salesforce Connections 2025: Here’s What You Need to Know

Perficient Wins 2025 Delivery Award at Appian World for Second Consecutive Year

My top gaming laptop of 2024 defended its crown with a redesign, but lost one of my favorite features

My top gaming laptop of 2024 defended its crown with a redesign, but lost one of my favorite features

“I do agree that Diablo 4 still has a lot of untapped potential,” Diablo 4 developers discuss Season 8 themes, their evolving developer philosophy, and more

Thanks to Xbox’s price hike, the Series S is now more expensive than the PS5

CVE-2024-13738 – “Motors Car Dealer, Rental & Listing WordPress Theme Shortcode Execution Vulnerability”

CISA Adds Two New Exploited Vulnerabilities to Its Catalog: CVE-2024-38475 and CVE-2023-44221

CISA Warns of KUNBUS Auth Bypass Vulnerabilities Exposes Systems to Remote Attacks

Hackers Exploiting SimpleHelp RMM Flaws for Persistent Access and Ransomware

Unverified Claims of Cyberattack on Hamburg Airport Surface Amid Cybersecurity Concerns

Dynamic video content moderation and policy evaluation using AWS generative AI services

As the AI ‘grim reaper’ haunts more creative jobs, OpenAI’s CTO says, “maybe they shouldn’t have existed in the first place..if it is not very high quality”

SVAR Svelte UI Components: Our Experience of Migration to Svelte 5

How to Handle MongoDB Migrations with ts-migrate-mongoose

Best N64 Emulator: 5 Versatile and Stable Options

DOOM: The Dark Ages is coming to Blizzard’s Battle.net storefront with Xbox cross-buy support

CVE-2024-13738 – “Motors Car Dealer, Rental & Listing WordPress Theme Shortcode Execution Vulnerability”

Related Posts