WordPress plugin Nelio AB Testing: Code injection vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-4027

Name of the Vulnerable Software and Affected Versions Nelio AB Testing versions through 8.1.8 Description A code injection issue exists in Nelio AB Testing. The issue allows for improper control of code generation. Recommendations Update Nelio AB Testing to a version later than 8.1.8...

CVE-2025-11837 Malware Remover

An improper control of generation of code vulnerability has been reported to affect Malware Remover. The remote attackers can then exploit the vulnerability to bypass protection mechanism. We have already fixed the vulnerability in the following version: Malware Remover 6.6.8.20251023 and later...

QNAP Systems Malware Remover 代码注入漏洞

QNAP Systems Malware Remover is a built-in security application from Taiwan, China-based QNAP Systems. A code injection vulnerability exists in QNAP Systems Malware Remover, which stems from improper code generation controls that could lead to a bypass of protection mechanisms...

Microsoft Azure Container Apps 代码注入漏洞

Microsoft Azure Container Apps is a serverless container platform from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Azure Container Apps that stems from improper code generation controls and could lead to an unauthorized attacker executing code over the network...

WordPress plugin Javo Core 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

WordPress plugin Molla 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2025-66533

Improper Control of Generation of Code 'Code Injection' vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through = 4.13.1...

PT-2025-50086

Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU4 SR1 Description A flaw exists in Ivanti Endpoint Manager due to improper control of dynamically managed code resources. A remote, unauthenticated attacker can write arbitrary files on the...

PT-2025-46705

Name of the Vulnerable Software and Affected Versions Dell SmartFabric OS10 Software versions prior to 10.6.1.0 Description Dell SmartFabric OS10 Software versions prior to 10.6.1.0 contain an Improper Control of Generation of Code issue, also known as a Code Injection issue. A local attacker wit...

CVE-2025-49372

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

CVE-2025-49372

Improper Control of Generation of Code 'Code Injection' vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Remote Code Inclusion.This issue affects HAPPY: from n/a through = 1.0.7...

CVE-2025-62959

Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...

WordPress Alone Theme plugin code injection vulnerability

The WordPress Alone Theme plugin is a premium theme for creating photography-based websites that sells close to 10,000 copies in the Envato marketplace and is mainly used by non-profit organizations e.g. charities, fundraising organizations, etc.. WordPress Alone Theme plugin suffers from a code...

CVE-2025-62023

Improper Control of Generation of Code 'Code Injection' vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through = 250905...

WordPress plugin Alone Theme 安全漏洞

The WordPress Alone Theme plugin is a premium theme for creating photography-based websites that sells close to 10,000 copies in the Envato marketplace and is mainly used by non-profit organizations e.g. charities, fundraising organizations, etc.. WordPress Alone Theme plugin suffers from a code...

EUVD-2025-24745

Malicious code in bioql PyPI...

EUVD-2025-31286

Malicious code in bioql PyPI...

CVE-2025-60114

Improper Control of Generation of Code 'Code Injection' vulnerability in YayCommerce YayCurrency yaycurrency allows Code Injection.This issue affects YayCurrency: from n/a through = 3.3.1...

CVE-2025-58673

Improper Control of Generation of Code 'Code Injection' vulnerability in weDevs WP User Frontend wp-user-frontend allows Code Injection.This issue affects WP User Frontend: from n/a through = 4.1.12...