WordPress Plugin Vulnerabilities

WP Photo Album Plus < 8.7.00.004 - Unauthenticated Arbitrary Shortcode Execution

Description

The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.7.02.003. This is due to the plugin allowing unauthenticated users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Affects Plugins

Plugin icon
wp-photo-album-plus
Fixed in 8.7.00.004

References

CVE
CVE-2024-4037
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/3d6b95ee-0a0d-49f7-83b1-4716eec3b863

Classification

Type
RCE
OWASP top 10
A1: Injection
CWE
CWE-94
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
stealthcopter
Verified
No
WPVDB ID
9943ac19-95e3-4273-a245-d3ecb8aa63bc

Timeline

Publicly Published
2024-05-23 (about 2 years ago)
Added
2024-05-23 (about 2 years ago)
Last Updated
2024-05-24 (about 2 years ago)

Other

Published
Title
Published
2019-03-11
Title
WP Live Chat Support Pro < 8.0.0.7 - Unauthenticated RCE
Published
2024-08-07
Title
WooCommerce Product Table Lite < 3.8.6 - Unauthenticated Arbitrary Shortcode Execution
Published
2026-03-05
Title
WP All Import < 4.0.1 - Reflected Cross-Site Scripting via 'filepath'
Published
2025-10-24
Title
Discussion Board – WordPress Forum Plugin < 2.5.6 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
Published
2020-04-27
Title
Simple File List < 4.2.3 - Unauthenticated Arbitrary File Upload RCE