CVE-2025-13035

The Code Snippets plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.9.1. This is due to the plugin's use of extract on attacker-controlled shortcode attributes within the evaluateshortcodefromflatfile method, which can be used to overwrite the...

EUVD-2025-198141

The Code Snippets plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.9.1. This is due to the plugin's use of extract on attacker-controlled shortcode attributes within the evaluateshortcodefromflatfile method, which can be used to overwrite the...

CVE-2025-13035

The Code Snippets plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.9.1. This is due to the plugin's use of extract on attacker-controlled shortcode attributes within the evaluateshortcodefromflatfile method, which can be used to overwrite the...

CVE-2025-13035 Code Snippets <= 3.9.1 - Authenticated (Contributor+) PHP Code Injection via extract() and PHP Filter Chains

The Code Snippets plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.9.1. This is due to the plugin's use of extract on attacker-controlled shortcode attributes within the evaluateshortcodefromflatfile method, which can be used to overwrite the...

PT-2025-47445

Name of the Vulnerable Software and Affected Versions Code Snippets versions prior to 3.9.1 Description The Code Snippets plugin for WordPress is susceptible to PHP Code Injection in versions up to and including 3.9.1. This occurs because the plugin utilizes extract on shortcode attributes...

Multiple Local Memory Corruption Vulnerabilities in LibTIFF

LibTIFF is a library for reading and writing labeled image file formats. LibTIFF has multiple local memory corruption vulnerabilities that could be exploited by remote attackers to construct malicious files that could be parsed by the user, which could crash the application or execute arbitrary...