CVE-2024-4144

Name of the Vulnerable Software and Affected Versions Simple Basic Contact Form plugin for WordPress versions up to and including 20240502

Description The issue allows unauthenticated attackers to execute arbitrary shortcodes, depending on the functionality of other plugins installed in the environment. The severity and exploitability of this issue vary based on the specific plugins and their configurations.

Recommendations For versions up to and including 20240502, update to a version that contains a fix for this issue, as using arbitrary shortcode execution can pose significant risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.