PT-2026-28062

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

CVE-2026-30960

The CVE entry CVE-2026-30960 has a connected advisory GHSA-9C4H-PWMF-M6FJ describing an Arbitrary Code Execution in RSSN via the JIT compilation engine exposed through the CFFI interface. The vulnerability stems from improper input validation and external control of code generation, enabling an a...

PT-2025-52131

Improper Control of Generation of Code 'Code Injection' vulnerability in The4 Molla molla allows Code Injection.This issue affects Molla: from n/a through = 1.5.13...

EUVD-2024-45765

Malicious code in bioql PyPI...

CVE-2025-54019

Improper Control of Generation of Code 'Code Injection' vulnerability in Beplusthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through 7.8.5...

CVE-2024-49254

Improper Control of Generation of Code 'Code Injection' vulnerability in sunjianle ajax-extend ajax-extend allows Code Injection.This issue affects ajax-extend: from n/a through = 1.0...

CVE-2024-36268 Apache InLong TubeMQ Client: Remote Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0 through 1.12.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.13.0 or cherry-pick 1 to solve it. 1 ...

CVE-2024-25600

Improper Control of Generation of Code 'Code Injection' vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6...

CVE-2024-4264

The CVE-2024-4264 entry affects berriai/litellm. The vulnerability is caused by unsafe use of eval in litellm.get_secret() when the server uses Google KMS, allowing untrusted data to be evaluated. Attackers can inject malicious values into environment variables via the /config/update endpoint, en...

CVE-2024-31266

CVE-2024-31266 is an authenticated remote code execution vulnerability in the WordPress plugin Advanced Order Export For WooCommerce (

CVE-2024-32599

CVE-2024-32599 is an unauthenticated code injection vulnerability in the WordPress plugin WP Dummy Content Generator up to version 3.2.1. The issue is described as an Improper Control of Generation of Code, enabling arbitrary code execution. The CVSS scope is CHANGED with a base score of 10.0, ve...

CVE-2024-31864

CVE-2024-31864 affects Apache Zeppelin prior to 0.11.1, enabling code injection when establishing a MySQL JDBC connection. The issue is described as improper control of generation of code, with a CVSS v3.1 base score of 9.8 (Network, HIGH impact on confidentiality, integrity, and availability). T...

CVE-2024-24707

Improper Control of Generation of Code 'Code Injection' vulnerability in Cwicly Builder, SL. Cwicly allows Code Injection.This issue affects Cwicly: from n/a through 1.4.0.2...

CVE-2023-51784 Apache InLong: Remote Code Execution vulnerability in Apache InLong Manager

Improper Control of Generation of Code 'Code Injection' vulnerability in Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.9.0, which could lead to Remote Code Execution. Users are advised to upgrade to Apache InLong's 1.10.0 or cherry-pick 1 to solve it. 1...

Code injection

Improper Control of Generation of Code 'Code Injection' vulnerability in Soft8Soft LLC Verge3D Publishing and E-Commerce.This issue affects Verge3D Publishing and E-Commerce: from n/a through 4.5.2...

CVE-2023-51420 WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Remote Code Execution (RCE)

Improper Control of Generation of Code 'Code Injection' vulnerability in Soft8Soft LLC Verge3D Publishing and E-Commerce.This issue affects Verge3D Publishing and E-Commerce: from n/a through 4.5.2...

CVE-2023-22677

Improper Control of Generation of Code 'Code Injection' vulnerability in BinaryStash WP Booklet.This issue affects WP Booklet: from n/a through 2.1.8...

CVE-2023-25054

Improper Control of Generation of Code 'Code Injection' vulnerability in David F. Carr RSVPMaker.This issue affects RSVPMaker: from n/a through 10.6.6...

Code injection

Improper Control of Generation of Code 'Code Injection' vulnerability in TienCOP WP EXtra.This issue affects WP EXtra: from n/a through 6.2...

PT-2023-19900 · Rsvpmaker · Rsvpmaker

Name of the Vulnerable Software and Affected Versions: RSVPMaker versions n/a through 10.6.6 Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability. This vulnerability affects the generation of code, potentially allowing for code injection...