Arbitrary Shortcode Execution Vulnerability in AI Infographic Maker Plugin for WordPress
CVE-2024-12415
6.5MEDIUM
What is CVE-2024-12415?
The AI Infographic Maker plugin for WordPress is susceptible to a vulnerability that allows for arbitrary shortcode execution. This weakness exists in all versions up to and including 4.9.0 and arises from improper validation processes when executing a shortcode. Unauthorized attackers can exploit this flaw, gaining the ability to run their own shortcodes without authentication. This could lead to a variety of security risks, including the possibility of executing malicious code on compromised WordPress sites.
Affected Version(s)
AI Infographic Maker * <= 4.9.0