36535 matches found
chartbrew 代码注入漏洞
Chartbrew is an open-source data visualization and dashboard building tool developed by Chartbrew. Versions of Chartbrew prior to 4.8.1 contained a code injection vulnerability, which was caused by remote code execution vulnerabilities in MongoDB dataset queries...
WordPress plugin WP All Import 代码注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2026-20008
A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...
EUVD-2026-9784
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
EUVD-2026-9654
Improper Control of Generation of Code 'Code Injection' vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through = 4.1.3...
EUVD-2026-9531
Improper Control of Generation of Code 'Code Injection' vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through = 3.0.1...
CVE-2026-28134
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
CVE-2026-27984
Improper Control of Generation of Code 'Code Injection' vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through = 4.1.3...
CVE-2026-22390
Improper Control of Generation of Code 'Code Injection' vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through = 3.0.1...
CVE-2026-28134
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
CVE-2026-28134 WordPress JetEngine plugin <= 3.7.2 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...
CVE-2026-28134
CVE-2026-28134 is a confirmed RCE in Crocoblock JetEngine plugin for WordPress, affecting JetEngine versions up to and including 3.7.2. The issue is described as an improper control of code generation that enables Remote Code Inclusion/Execution. Multiple sources (NVD, Red Hat, CVE listings) corr...
CVE-2026-27984 WordPress Widget Options plugin <= 4.1.3 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through = 4.1.3...
CVE-2026-27984
Improper Control of Generation of Code 'Code Injection' vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through = 4.1.3...
CVE-2026-27984 WordPress Widget Options plugin <= 4.1.3 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through = 4.1.3...
CVE-2026-27984
CVE-2026-27984 is a code injection (RCE) vulnerability in the Widget Options: Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets plugin (Widget Options) affecting versions up to 4.1.3. The issue stems from improper control of code generation, enabling remote code execution. Th...
CVE-2026-22390
CVE-2026-22390 affects Builderall Builder for WordPress (plugin: builderall-cheetah-for-wp) up to version 3.0.1 and permits Code Injection/Remote Code Execution. The NVD entry reports a CVSS v3.1 base score of 9.9 (CRITICAL) with Network attack vector, Low attack complexity, Privileges Required: ...
CVE-2026-22390 WordPress Builderall Builder for WordPress plugin <= 3.0.1 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through = 3.0.1...
CVE-2026-22390 WordPress Builderall Builder for WordPress plugin <= 3.0.1 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through = 3.0.1...
PT-2026-23404
Improper Control of Generation of Code 'Code Injection' vulnerability in Crocoblock JetEngine jet-engine allows Remote Code Inclusion.This issue affects JetEngine: from n/a through = 3.7.2...