CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13895 – Code Snippets CPT <= 2.1.0 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
https://notcve.org/view.php?id=CVE-2024-13895
07 Mar 2025 — The The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes. • https://plugins.trac.wordpress.org/browser/code-snippets-cpt/trunk/lib/CodeSnippitButton.php#L201 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2024-1792 – CMB2 <= 2.10.1 - Authenticated (Contributor+) PHP Object Injection
https://notcve.org/view.php?id=CVE-2024-1792
03 Apr 2024 — The CMB2 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.10.1 via deserialization of untrusted input from the text_datetime_timestamp_timezone field. This makes it possible for authenticated attackers, with contributor access or higher, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, ret... • https://plugins.trac.wordpress.org/changeset/3062907/cmb2/trunk?contextall=1&old=2683046&old_path=%2Fcmb2%2Ftrunk • CWE-502: Deserialization of Untrusted Data •