Description
WordPress Plugin Shortcode Addons-with Visual Composer, Divi, Beaver Builder and Elementor Extension is prone to a function injection vulnerability. An attacker may leverage this issue to call any static method, with up to three optional parameters. WordPress Plugin Shortcode Addons-with Visual Composer, Divi, Beaver Builder and Elementor Extension version 3.2.5 is vulnerable; prior versions may also be affected.
Remediation
Disable and remove the plugin until a fix is available
References
Related Vulnerabilities
Plone CMS CVE-2012-5503 Vulnerability (CVE-2012-5503)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37150)
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5499)
Drupal Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2020-36193)