{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-7711", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-07-16T13:49:21.442Z", "datePublished": "2025-11-17T22:27:44.762Z", "dateUpdated": "2026-04-08T17:27:12.418Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:27:12.418Z"}, "affected": [{"vendor": "techlabpro1", "product": "Classified Listing \u2013 AI-Powered Classified ads & Business Directory Plugin", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "5.0.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The The Classified Listing \u2013 Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes."}], "title": "Classified Listing \u2013 Classified ads & Business Directory Plugin <= 5.0.3 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Listing Description", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9b10db9-0c7c-4f13-9d98-6d407446cfb8?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/classified-listing/tags/5.0.2/app/Controllers/Hooks/FilterHooks.php#L367"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')", "cweId": "CWE-94", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Kishan Vyas"}], "timeline": [{"time": "2025-07-06T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2025-10-21T04:24:14.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-11-17T09:59:24.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-18T16:35:57.971428Z", "id": "CVE-2025-7711", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-18T16:36:12.424Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-7711", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-18T16:35:57.971428Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-18T16:36:08.244Z"}}], "cna": {"title": "Classified Listing \u2013 Classified ads & Business Directory Plugin <= 5.0.3 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Listing Description", "credits": [{"lang": "en", "type": "finder", "value": "Kishan Vyas"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}}], "affected": [{"vendor": "techlabpro1", "product": "Classified Listing \u2013 AI-Powered Classified ads & Business Directory Plugin", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "5.0.3"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-07-06T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2025-10-21T04:24:14.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-11-17T09:59:24.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9b10db9-0c7c-4f13-9d98-6d407446cfb8?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/classified-listing/tags/5.0.2/app/Controllers/Hooks/FilterHooks.php#L367"}], "descriptions": [{"lang": "en", "value": "The The Classified Listing \u2013 Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:27:12.418Z"}}}, "cveMetadata": {"cveId": "CVE-2025-7711", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:27:12.418Z", "dateReserved": "2025-07-16T13:49:21.442Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-11-17T22:27:44.762Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The The Classified Listing \u2013 Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes."}], "id": "CVE-2025-7711", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-11-17T23:15:56.713", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/classified-listing/tags/5.0.2/app/Controllers/Hooks/FilterHooks.php#L367"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9b10db9-0c7c-4f13-9d98-6d407446cfb8?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-20T19:01:17.226620+00:00", "value": {"mitigation_remediation": ["Update the Classified Listing plugin to the latest version (5.0.4 or newer) that removes the vulnerable shortcode handling.", "Review existing listing descriptions to ensure no legacy or malicious shortcodes remain, and remove or sanitize any found.", "Implement role\u2011based content restrictions or use a security plugin that blocks arbitrary shortcode execution for Subscriber\u2011level users to prevent future exploitation."], "summary": {"action": "Patch", "impact": "Arbitrary Shortcode Execution"}, "threat_synthesis": {"affected_systems": "All installations of the Classified Listing \u2013 AI\u2011Powered Classified ads & Business Directory Plugin, version 5.0.3 or earlier, distributed by techlabpro1.", "description_and_impact": "The vulnerability allows an authenticated user with Subscriber-level access to inject and execute arbitrary shortcodes within listing descriptions. By supplying a crafted shortcode, the user triggers WordPress\u2019s do_shortcode function without validating the content, which can lead to execution of server\u2011side code and compromise the website\u2019s confidentiality, integrity, and availability.", "risk_and_exploitability": "The CVSS base score of 5.4 indicates a medium severity. The EPSS score of less than 1% suggests a low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. A likely attack vector requires the attacker to have a legitimate WordPress account with Subscriber or higher privileges; once authenticated, the attacker can submit a listing containing a malicious shortcode that bypasses validation and is processed by do_shortcode, giving the attacker the ability to run arbitrary PHP code on the server."}}}}, "created": "2025-11-18T09:05:46.680737+00:00", "updated": "2026-04-20T19:15:15.041219+00:00", "vendors": ["techlabpro1", "techlabpro1$PRODUCT$classified_listing_plugin", "wordpress", "wordpress$PRODUCT$wordpress"]}