Primary

Context

Classified Listing WordPress Plugin Shortcode Execution Vulnerability

Vulnerability

A vulnerability exists in the Classified Listing – Classified ads & Business Directory Plugin for WordPress, allowing authenticated users with Subscriber-level access and above to execute arbitrary shortcodes. This issue affects all versions of the plugin prior to 5.0.3. The vulnerability arises because the plugin does not properly validate user input before processing shortcodes, enabling the execution of potentially harmful code.

Impact

Exploitation of this vulnerability could lead to unauthorized shortcode execution, allowing attackers to inject and execute custom code within the WordPress environment, potentially causing further harm or disruption.

Remediation

Users are advised to update the Classified Listing – Classified ads & Business Directory Plugin to version 5.0.4 or a newer patched version.

Added: Nov 17, 2025, 11:17 PM

Updated: Nov 17, 2025, 11:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

5.9

remediation

7.7

relevance

1.1

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

5.9

remediation

7.7

relevance

1.1

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Classified Listing WordPress Plugin Shortcode Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating