CVE-2024-13738

Name of the Vulnerable Software and Affected Versions The Motors - Car Dealer, Rental & Listing WordPress theme versions up to, and including, 5.6.65

Description The issue is related to arbitrary shortcode execution due to improper validation of a value before running do shortcode, allowing unauthenticated attackers to execute arbitrary shortcodes.

Recommendations For versions up to, and including, 5.6.65, as a temporary workaround, consider restricting the execution of shortcodes to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.