CVE-2024-12333 is a vulnerability classified under CWE-94 (Improper Control of Generation of Code) affecting the Woodmart theme for WordPress, developed by xTemos. The flaw exists in all versions up to and including 8.0.3 and allows unauthenticated attackers to execute arbitrary shortcodes through the woodmart_instagram_ajax_query AJAX action. The root cause is insufficient validation of user-supplied input before it is passed to WordPress's do_shortcode function, which processes shortcode strings and executes embedded code. Because the AJAX action is accessible without authentication and does not require user interaction, an attacker can remotely trigger shortcode execution, potentially injecting malicious code or commands. The vulnerability impacts confidentiality and integrity by enabling unauthorized code execution within the WordPress environment, but it does not directly affect system availability. No patches or official fixes are currently linked, and no exploits have been observed in the wild as of the publication date. The CVSS v3.1 score of 6.5 reflects the vulnerability's network attack vector, low attack complexity, no privileges required, and no user interaction needed, with limited confidentiality and integrity impacts and no availability impact. This vulnerability is significant for websites using the Woodmart theme, especially those that rely on Instagram AJAX queries, as it could be leveraged to compromise site content or inject malicious payloads.

The primary impact of CVE-2024-12333 is unauthorized code execution within WordPress sites using the Woodmart theme, which can lead to confidentiality breaches such as data leakage or exposure of sensitive site information. Integrity may be compromised by attackers injecting malicious shortcodes that alter site content, deface pages, or insert backdoors for persistent access. Although availability is not directly affected, secondary impacts such as site reputation damage or indirect denial of service through malicious content could occur. For organizations, this vulnerability threatens the security of their web presence, potentially undermining customer trust and exposing them to further attacks like phishing or malware distribution. The ease of exploitation without authentication increases the risk of widespread automated attacks, especially against unpatched sites. E-commerce platforms, blogs, and corporate websites using Woodmart are particularly vulnerable, potentially affecting business operations and customer data privacy.

Organizations should immediately verify if their WordPress installations use the Woodmart theme, specifically versions up to 8.0.3. Since no official patch is currently linked, administrators should consider the following mitigations: 1) Temporarily disable or restrict access to the woodmart_instagram_ajax_query AJAX action via web application firewall (WAF) rules or server-level access controls to block unauthenticated requests. 2) Implement input validation and sanitization at the application or plugin level to prevent untrusted input from reaching do_shortcode. 3) Monitor web server and WordPress logs for suspicious AJAX requests targeting the vulnerable endpoint. 4) Limit shortcode usage and review all active shortcodes for potential abuse. 5) Keep WordPress core, themes, and plugins updated and subscribe to vendor security advisories for prompt patching once available. 6) Employ security plugins that detect and block code injection attempts. 7) Conduct regular security audits and penetration testing focused on shortcode and AJAX endpoint vulnerabilities. These steps will reduce the attack surface and mitigate exploitation risk until an official patch is released.