Platform: wordpress
Component: arforms-form-builder
Fixed version: 1.7.3
CVE-2024-13785 describes an arbitrary shortcode execution vulnerability within the ARForms plugin for WordPress. This flaw allows unauthenticated attackers to inject and execute malicious shortcodes, potentially leading to website defacement, data theft, or complete compromise. The vulnerability affects all versions of ARForms up to and including 1.7.2. A patch is expected to be released by the vendor.
The impact of CVE-2024-13785 is significant due to its ease of exploitation and the potential for widespread compromise. An attacker can leverage this vulnerability to execute arbitrary PHP code through shortcodes, effectively gaining control over the affected WordPress website. This could involve modifying content, injecting malware, stealing sensitive data (user credentials, database information), or even taking over the entire server. The ability to execute arbitrary code without authentication makes this a particularly dangerous vulnerability, especially for sites with sensitive data or critical functionality.
This vulnerability is currently not listed on the CISA KEV catalog. Public proof-of-concept exploits are not yet widely available, but the ease of exploitation suggests a high likelihood of exploitation once a PoC is released. The vulnerability was publicly disclosed on 2026-03-21.
Websites using the ARForms plugin, particularly those with user-submitted forms or surveys, are at risk. Shared hosting environments where plugin updates are managed by the hosting provider may be particularly vulnerable if they haven't applied the patch.
• wordpress / composer / npm:
  grep -r 'do_shortcode' /var/www/html/wp-content/plugins/arforms/
• wordpress / composer / npm:
  wp plugin list --status=active | grep arforms
• wordpress / composer / npm:
  wp plugin update arforms --all
Disclosure
Exploit status
EPSS: 0.11% (29th percentile)
CVSS vector:
The primary mitigation for CVE-2024-13785 is to immediately upgrade the ARForms plugin to the latest available version once a patch is released by the vendor. Until a patch is available, consider implementing a temporary workaround by disabling shortcode execution in user-supplied input fields within the ARForms plugin. Web application firewalls (WAFs) configured to detect and block malicious shortcode injections can also provide an additional layer of protection. Monitor WordPress logs for suspicious shortcode activity.
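A defender's version check to go with the upgrade advice, as an added example (not code from the advisory or from the ARForms vendor): it reads the plugin's "Version:" header the way WordPress does, compares it numerically against the fixed release 1.7.3, and defaults to the plugin path used in the grep command above; the sample header it writes is constructed for the demonstration.

```python
"""Check an installed ARForms copy against the fixed release (1.7.3). Added
example, not the advisory's or vendor's code; the sample header is constructed."""
import os
import re
import tempfile

FIXED_VERSION = "1.7.3"  # first release without CVE-2024-13785, per the advisory
VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*(\S+)", re.MULTILINE | re.IGNORECASE)


def parse_version(text):
    """Numeric tuple plus a flag ranking a pre-release tag ('1.7.3-rc1') below
    the bare release; string comparison would put '1.10.0' before '1.7.3'."""
    nums, pre = [], 0
    for piece in text.split("."):
        m = re.match(r"(\d+)(.*)", piece)
        nums.append(int(m.group(1)) if m else 0)
        if not m or m.group(2):
            pre = -1
    return (tuple(nums), pre)


def installed_version(plugin_dir):
    """Version header of the first .php file carrying a plugin header, or None.
    WordPress itself reads only the first 8 KiB of a file for header fields."""
    for name in sorted(os.listdir(plugin_dir)):
        if not name.endswith(".php"):
            continue
        with open(os.path.join(plugin_dir, name), errors="replace") as fh:
            head = fh.read(8192)
        if "Plugin Name:" in head:
            m = VERSION_RE.search(head)
            return m.group(1) if m else None
    return None


# Default path is the one the advisory's grep command inspects.
def check_plugin(plugin_dir="/var/www/html/wp-content/plugins/arforms"):
    ver = installed_version(plugin_dir)
    if ver is None:
        return "arforms: no plugin header found"
    state = "VULNERABLE" if parse_version(ver) < parse_version(FIXED_VERSION) else "patched"
    return f"arforms {ver}: {state} (fixed in {FIXED_VERSION})"


def demo(version="1.7.2"):  # run the check on a constructed plugin folder
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "arforms.php"), "w") as fh:
            fh.write(f"<?php\n/*\nPlugin Name: ARForms\nVersion: {version}\n*/\n")
        return check_plugin(d)
```

Call demo() to see the report for a constructed 1.7.2 install, or check_plugin() with no argument on a real host.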
There is no known fix patch. Review the vulnerability details carefully and apply mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find an alternative.
CVE-2024-13785 is a vulnerability in the ARForms WordPress plugin allowing unauthenticated attackers to execute arbitrary shortcodes due to insufficient input validation, potentially leading to website compromise.
If you are using ARForms version 1.7.2 or earlier, you are potentially affected by this vulnerability. Check your plugin version and upgrade as soon as a patch is available.
Upgrade the ARForms plugin to the latest version as soon as a patch is released by the vendor. Until then, consider disabling shortcode execution in user-supplied input fields.
While no active exploitation has been confirmed, the ease of exploitation suggests a high likelihood of exploitation once a public proof-of-concept is released.
Check the official ARForms website and WordPress plugin repository for updates and security advisories related to CVE-2024-13785.