WooFramework shortcode exploit
Description
WooFramework, the underlying framework for all WooThemes WordPress themes, contains a critical vulnerability in its shortcode generator's preview functionality. This flaw allows unauthenticated users to execute arbitrary shortcodes with the same privileges as authenticated publishers. Any WordPress installation with WooFramework installed—regardless of whether a WooTheme is actively selected—is vulnerable if unsafe shortcodes (such as [php] which executes raw PHP code) are available on the system. The vulnerability exists in the shortcode preview feature that provides a point-and-click interface for adding shortcodes to posts and pages.
Remediation
Immediately update WooFramework to version 5.3.12 or later using the WooFramework one-click update system. Follow these steps:
1. Log into your WordPress admin dashboard
2. Navigate to the WooFramework settings or theme options panel
3. Use the one-click update feature to install version 5.3.12
4. Verify the update completed successfully by checking the framework version number
5. As an additional security measure, audit and disable any unsafe shortcodes (particularly [php] or similar code execution shortcodes) that are not absolutely necessary for your site's functionality
6. Review server logs for any suspicious activity or unauthorized shortcode execution attempts prior to patching