cleantalk
Vulnerabilities and Security Researches

Inpersttion For Theme, CVE-2025-8905

CVE, Research URL

CVE-2025-8905

Home page URL

Security reports for Inpersttion For Theme

Application

Inpersttion For Theme

Published on
Aug 15, 2025
Research Description
The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0 via the theme_section_shortcode() function. This is due to the plugin not restricting what functions can be called. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server which is limited to arbitrary functions without any user supplied parameters.
Affected versions
Min -, max 1.0.
Status
vulnerable
Previous vulnerability researches
WP Table Builder – WordPress Table Plugin (CVE-2025-49286) , Jun 14, 2025
WP Table Builder – WordPress Table Plugin (CVE-2025-32598) , Apr 12, 2025
WP Table Builder – WordPress Table Plugin (CVE-2024-3282) , Aug 25, 2024
WP Table Builder – WordPress Table Plugin (CVE-2024-43125) , Aug 11, 2024
WP Table Builder – WordPress Table Plugin (1ce82cedaf0f4fa2befb03531d4f716b2db4b794) , Jun 07, 2024
New vulnerability
Inspectlet – User Session Recording and Heatmaps (CVE-2025-49048) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8676) , Aug 16, 2025
B Slider – Slider for your block editor (CVE-2025-8680) , Aug 16, 2025
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress (CVE-2025-55708) , Aug 16, 2025
WP Voting (CVE-2025-49057) , Aug 16, 2025