cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-11038,https://securityvulnerability.io/vulnerability/CVE-2024-11038,Unauthenticated Arbitrary Shortcode Execution Vulnerability in CF7 Popup plugin,"The WPB Popup for Contact Form 7 plugin for WordPress is susceptible to a vulnerability allowing unauthenticated attackers to execute arbitrary shortcodes. This is primarily due to inadequate validation of user inputs in the wpb_pcf_fire_contact_form AJAX action, present in all versions up to and including 1.7.5. Successful exploitation of this vulnerability could enable attackers to manipulate the Wordpress site by executing harmful shortcodes, thereby compromising its integrity and security.",Wordpress,WPb Popup For Contact Form 7 – Showing The Contact Form 7 Popup On Button Click – Cf7 Popup,7.3,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-11-19T11:02:28.827Z,0