Platform: wordpress
Component: arforms-form-builder
Fixed version: 1.7.3
CVE-2024-13785 describes an arbitrary shortcode execution vulnerability within the ARForms plugin for WordPress. This flaw allows unauthenticated attackers to inject and execute malicious shortcodes, potentially leading to website defacement, data theft, or complete compromise. The vulnerability affects all versions of ARForms up to and including 1.7.2. A patch is expected to be released by the vendor.
The impact of CVE-2024-13785 is significant due to its ease of exploitation and the potential for widespread compromise. An attacker can leverage this vulnerability to execute arbitrary PHP code through shortcodes, effectively gaining control over the affected WordPress website. This could involve modifying content, injecting malware, stealing sensitive data (user credentials, database information), or even taking over the entire server. The ability to execute arbitrary code without authentication makes this a particularly dangerous vulnerability, especially for sites with sensitive data or critical functionality.
This vulnerability is currently not listed on the CISA KEV catalog. Public proof-of-concept exploits are not yet widely available, but the ease of exploitation suggests a high likelihood of exploitation once a PoC is released. The vulnerability was publicly disclosed on 2026-03-21.
Websites using the ARForms plugin, particularly those with user-submitted forms or surveys, are at risk. Shared hosting environments where plugin updates are managed by the hosting provider may be particularly vulnerable if they haven't applied the patch.
• wordpress / composer / npm: grep -r 'do_shortcode' /var/www/html/wp-content/plugins/arforms/
• wordpress / composer / npm: wp plugin list --status=active | grep arforms
• wordpress / composer / npm: wp plugin update arforms
Disclosure
Exploitation status
EPSS
0.11% (29th percentile)
CVSS vector
The primary mitigation for CVE-2024-13785 is to immediately upgrade the ARForms plugin to the latest available version once a patch is released by the vendor. Until a patch is available, consider implementing a temporary workaround by disabling shortcode execution in user-supplied input fields within the ARForms plugin. Web application firewalls (WAFs) configured to detect and block malicious shortcode injections can also provide an additional layer of protection. Monitor WordPress logs for suspicious shortcode activity.
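As an added example (not part of this advisory and not ARForms project code), the following POSIX shell snippet checks the version declared in a plugin's main file against the fixed version listed above (1.7.3) without relying on GNU `sort -V`. It assumes the plugin file carries a standard WordPress `Version:` header; the file path and the sample header are placeholders constructed for the demonstration.

```shell
#!/bin/sh
# Added example: compare an installed plugin's declared version with the
# fixed version from the advisory. Not taken from the advisory or the plugin.

FIXED_VERSION="1.7.3"   # fixed version listed in the advisory

# Print the value of the first "Version:" header line in a plugin main file.
# Matches " * Version: 1.7.2" as well as "Version: 1.7.2".
plugin_version() {
  sed -n 's/^[[:space:]*]*Version:[[:space:]]*\([0-9][0-9.]*\).*/\1/p' "$1" | head -n 1
}

# Return 0 when dot-separated version $1 is strictly lower than $2.
# Missing components are treated as 0, so "1.7" < "1.7.3".
version_lt() {
  a="$1."
  b="$2."
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; a=${a#*.}
    y=${b%%.*}; b=${b#*.}
    x=${x:-0}; y=${y:-0}
    if [ "$x" -lt "$y" ]; then return 0; fi
    if [ "$x" -gt "$y" ]; then return 1; fi
  done
  return 1
}

# Report on one plugin file; return 0 if it is below the fixed version.
check_plugin_file() {
  v=$(plugin_version "$1")
  if [ -z "$v" ]; then
    echo "no Version: header found in $1"
    return 2
  fi
  if version_lt "$v" "$FIXED_VERSION"; then
    echo "version $v is below $FIXED_VERSION: update the plugin"
    return 0
  fi
  echo "version $v is at or above $FIXED_VERSION"
  return 1
}

# Constructed sample header (not a real ARForms file) for a dry run.
SAMPLE_HEADER='<?php
/**
 * Plugin Name: Sample plugin header (constructed)
 * Version: 1.7.2
 */'

# Usage with the constructed sample; replace the temp file with the real path,
# e.g. a placeholder like /var/www/html/wp-content/plugins/arforms/<main-file>.php
if [ "${1:-}" = "--demo" ]; then
  tmp=$(mktemp)
  printf '%s\n' "$SAMPLE_HEADER" > "$tmp"
  check_plugin_file "$tmp"
  rm -f "$tmp"
fi
```

Run with `sh check.sh --demo` to exercise the constructed sample, or call `check_plugin_file` on the real plugin main file; the exit status (0 = below the fixed version) makes it usable from a cron job or CI check alongside the `wp plugin list` command above.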
There is currently no known patch. Review the vulnerability details closely and apply mitigations according to your organization's risk tolerance. Ideally, uninstall the affected software and look for an alternative.
CVE-2024-13785 is a vulnerability in the ARForms WordPress plugin allowing unauthenticated attackers to execute arbitrary shortcodes due to insufficient input validation, potentially leading to website compromise.
If you are using ARForms version 1.7.2 or earlier, you are potentially affected by this vulnerability. Check your plugin version and upgrade as soon as a patch is available.
Upgrade the ARForms plugin to the latest version as soon as a patch is released by the vendor. Until then, consider disabling shortcode execution in user-supplied input fields.
While no active exploitation has been confirmed, the ease of exploitation suggests a high likelihood of exploitation once a public proof-of-concept is released.
Check the official ARForms website and WordPress plugin repository for updates and security advisories related to CVE-2024-13785.