CVE-2025-67944

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.1.8...

CVE-2025-67944 WordPress Nelio AB Testing plugin <= 8.1.8 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.1.8...

CVE-2025-67944

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.1.8...

CVE-2025-67944 WordPress Nelio AB Testing plugin <= 8.1.8 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.1.8...

CVE-2025-67944

CVE-2025-67944 (Nelio AB Testing) : WordPress plugin Nelio AB Testing (versions

WordPress plugin Nelio AB Testing: Code injection vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress Nelio AB Testing plugin <= 8.1.8 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by daroo in WordPress Plugin Nelio AB Testing versions = 8.1.8...

CVE-2016-10977

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal...

CVE-2016-10927

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php...

CVE-2017-18547

The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms...

CVE-2025-23789

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tahminajannat URL Shortener | Conversion Tracking | AB Testing | WooCommerce easy-broken-link-checker allows Reflected XSS.This issue affects URL Shortener | Conversion Tracking | AB Testing |...

Malicious Package

Overview ab-testing-for-wp is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in ab-testing-for-wp (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b0f0c139e34ac20e878e9cfdbe5c7a6b664b8cdd4144f1df0bc2ffc948ee661 Any computer that has this package installed or running should be considered...

MAL-2025-48478 Malicious code in ab-testing-for-wp (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b0f0c139e34ac20e878e9cfdbe5c7a6b664b8cdd4144f1df0bc2ffc948ee661 Any computer that has this package installed or running should be considered...

EUVD-2016-1921

Malware in sbrugna...

EUVD-2025-6116

Malicious code in bioql PyPI...

CVE-2016-10926

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php...

CVE-2025-1363

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is...

CVE-2025-1362

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting customers via CSRF attacks...

CVE-2025-1363

CVE-2025-1363 affects the WordPress plugin “URL Shortener | Conversion Tracking | AB Testing | WooCommerce” (versions up to 9.0.2). The vulnerability is a Stored Cross-Site Scripting (XSS) that occurs due to insufficient sanitisation/escaping of certain plugin settings, enabling a high-privilege ...