PT-2026-26796 · WordPress · Arforms

Krzysztof Zając · Published 2026-03-21 · Updated 2026-03-21 · CVE-2024-13785

CVSS v3.1: 5.6 (Medium)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions: ARForms versions up to and including 1.7.2

Description: The ARForms plugin for WordPress is susceptible to arbitrary shortcode execution. The software does not properly validate input before passing it to the do_shortcode function, allowing unauthenticated attackers to execute arbitrary shortcodes.

Recommendations: Update ARForms to a version later than 1.7.2.

Fix

Code Injection

Weakness Enumeration

Related Identifiers: CVE-2024-13785

Affected Products: Arforms