PT-2025-47216 · WordPress · The Classified Listing – Classified Ads & Business Directory Plugin

Kishan Vyas

Published

2025-11-17

Updated

2025-11-18

CVE-2025-7711

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions The Classified Listing – Classified ads & Business Directory Plugin versions prior to 5.0.4

Description The Classified Listing – Classified ads & Business Directory Plugin for WordPress is susceptible to arbitrary shortcode execution. This occurs because the software does not properly validate input before executing the do shortcode function. Authenticated attackers with Subscriber-level access or higher can exploit this to execute arbitrary shortcodes.

Recommendations Update The Classified Listing – Classified ads & Business Directory Plugin to version 5.0.4 or later.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2025-7711

Affected Products

The Classified Listing – Classified Ads & Business Directory Plugin

CVE-2025-7711

Weakness Enumeration

Related Identifiers

Affected Products

References · 6