Arbitrary Shortcode Execution Vulnerability in Discussion Board Plugin for WordPress
CVE-2025-8483
6.3MEDIUM
Key Information:
- Vendor
WordPress
- Vendor
- CVE Published:
- 25 October 2025
What is CVE-2025-8483?
The Discussion Board – WordPress Forum Plugin is susceptible to an arbitrary shortcode execution vulnerability that affects all versions up to 2.5.5. This flaw arises from inadequate validation of user inputs, allowing authenticated users with Subscriber-level access or higher to execute arbitrary shortcodes by triggering actions that bypass security checks. It is crucial for site administrators to update to a patched version to defend against potential malicious use.
Affected Version(s)
Discussion Board – WordPress Forum Plugin * <= 2.5.5