Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2024-13797
CVE-2024-13797:
WordPress vulnerability analysis and mitigation
Overview
The PressMart - Modern Elementor WooCommerce WordPress Theme for WordPress contains a vulnerability related to arbitrary shortcode execution that affects all versions prior to 1.2.17. The vulnerability was discovered and addressed in February 2025 (NVD).
Technical details
The vulnerability allows for arbitrary shortcode execution in the PressMart WordPress theme. This security issue was identified and subsequently patched in version 1.2.17, released on February 3, 2025, as part of the theme's security updates (ThemeForest).
Impact
The presence of arbitrary shortcode execution vulnerability could potentially allow attackers to execute unauthorized commands through WordPress shortcodes, which could lead to various security implications for websites using affected versions of the PressMart theme.
Mitigation and workarounds
Users are advised to update to PressMart theme version 1.2.17 or later, which contains the security fix for the arbitrary shortcode execution vulnerability. The update was released on February 3, 2025, and includes specific security patches to address this issue (ThemeForest).
Additional resources
Source: This report was generated using AI
Related WordPress vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management