CVE-2025-2809

Name of the Vulnerable Software and Affected Versions: azurecurve Shortcodes in Comments plugin for WordPress versions up to, and including, 2.0.2

Description: The issue is due to the software allowing users to execute an action that does not properly validate a value before running do shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Recommendations: For versions up to, and including, 2.0.2, update to a version later than 2.0.2 to resolve the issue. As a temporary workaround, consider disabling the execution of shortcodes in comments until a patch is available.