CVE-2024-13793

Severity: 7.3 HIGH

📋 TL;DR

This vulnerability allows unauthenticated attackers to execute arbitrary WordPress shortcodes in the Wolmart theme. Because the attacker chooses which shortcode runs, the impact ranges from data exposure and site defacement to remote code execution, depending on the shortcodes registered on the site. All WordPress sites running Wolmart theme versions up to and including 1.8.11 are affected.

💻 Affected Systems

Products:
  • Wolmart | Multi-Vendor Marketplace WooCommerce Theme
Versions: All versions up to and including 1.8.11
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress with WooCommerce. Vulnerability exists in theme's shortcode handling functionality.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution leading to complete site compromise, data theft, or malware installation.

🟠 Likely Case: Site defacement, data exposure, or privilege escalation through malicious shortcode execution.

🟢 If Mitigated: Limited impact if shortcode execution is restricted through security plugins or custom filters.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Attack requires no authentication and shortcode injection is straightforward.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.8.12 or later

Vendor Advisory: https://themeforest.net/item/wolmart-multivendor-marketplace-woocommerce-theme/32947681#item-description__changelog

Restart Required: No

Instructions:

1. Update the Wolmart theme to version 1.8.12 or later via the WordPress admin panel.
2. Verify that the theme update completed successfully.
3. Clear any caching plugin or CDN caches.

🔧 Temporary Workarounds

  • Disable vulnerable theme (applies to: all versions): temporarily switch to a default WordPress theme until the patch is applied.
  • Restrict shortcode execution (applies to: all versions): use security plugins to filter or disable shortcode execution.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block shortcode injection attempts
  • Restrict access to affected WordPress site using IP whitelisting or authentication

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel > Appearance > Themes for Wolmart theme version 1.8.11 or earlier

Check Version:

wp theme list --fields=name,version --format=csv

Verify Fix Applied:

Confirm Wolmart theme version is 1.8.12 or later in WordPress admin
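The version check above can be scripted so it runs consistently across many sites. The following is an added example, not part of the original advisory: it parses the CSV output of `wp theme list --fields=name,version --format=csv`, compares the installed version against the fixed release 1.8.12, and reports the result. It assumes the theme's slug is `wolmart` and that `sort -V` (GNU coreutils) is available; a constructed sample of wp-cli output is embedded so the logic can be exercised offline.

```bash
#!/usr/bin/env bash
# Added example: flag Wolmart theme versions below the fixed release (1.8.12).
set -euo pipefail

FIXED_VERSION="1.8.12"

# Returns 0 (vulnerable) when the given version is strictly lower than FIXED_VERSION.
# sort -V orders version strings numerically, so if the installed version sorts
# first and is not identical to the fix, it predates the fix.
is_vulnerable() {
    local installed="$1"
    [ "$installed" != "$FIXED_VERSION" ] &&
        [ "$(printf '%s\n' "$installed" "$FIXED_VERSION" | sort -V | head -n1)" = "$installed" ]
}

# Reads wp-cli CSV (name,version) on stdin and prints the Wolmart version,
# or nothing if the theme is not installed. Slug "wolmart" is an assumption.
wolmart_version_from_csv() {
    awk -F, 'NR > 1 && tolower($1) == "wolmart" { print $2 }'
}

# Constructed sample of `wp theme list --fields=name,version --format=csv` output.
SAMPLE_CSV='name,version
twentytwentyfour,1.1
wolmart,1.8.11'

# Classifies a CSV listing: exit 0 = patched, 1 = vulnerable, 2 = not installed.
classify_csv() {
    local v
    v="$(printf '%s\n' "$1" | wolmart_version_from_csv)"
    if [ -z "$v" ]; then echo "wolmart not installed"; return 2; fi
    if is_vulnerable "$v"; then echo "VULNERABLE: wolmart $v < $FIXED_VERSION"; return 1; fi
    echo "patched: wolmart $v"; return 0
}

# On a live site, replace SAMPLE_CSV with the real listing:
#   classify_csv "$(wp theme list --fields=name,version --format=csv)"
classify_csv "$SAMPLE_CSV" || true
```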

📡 Detection & Monitoring

Log Indicators:

  • Unusual shortcode execution patterns in WordPress debug logs
  • Multiple failed shortcode execution attempts

Network Indicators:

  • HTTP POST requests containing shortcode injection patterns to theme endpoints

SIEM Query:

source="wordpress.log" AND ("do_shortcode" OR "shortcode_atts") AND status=200
