WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution

WordPress Woody Ad Snippets prior to 2.2.5 is susceptible to cross-site scripting and remote code execution via admin/includes/class.import.snippet.php, which allows unauthenticated options import as demonstrated by storing a cross-site scripting payload for remote code execution. id:...

CVE-2026-25366

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

EUVD-2026-15689

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

CVE-2026-25366

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

CVE-2026-25366 WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

CVE-2026-25366

CVE-2026-25366 concerns WordPress plugin Themeisle Woody ad snippets insert-php (vulnerable:

CVE-2026-25366 WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

PT-2026-27924

Name of the Vulnerable Software and Affected Versions Woody ad snippets versions through 2.7.1 Description A code injection issue exists in Themeisle Woody ad snippets insert-php. The issue involves improper control of code generation, potentially allowing for code injection. The vulnerable...

WordPress plugin Woody ad snippets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Woody ad snippets versions = 2.7.1...

Malicious Package

Overview @woody-mrs-potato/utils-banking is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and th...

EUVD-2019-5909

Malware in sbrugna...

EUVD-2020-24200

Malware in sbrugna...

EUVD-2024-35509

Malicious code in bioql PyPI...

MAL-2025-34920 Malicious code in test-mlw2-azyme-woody-infra-baulk (npm)

The package test-mlw2-azyme-woody-infra-baulk was found to contain malicious code...

Malicious code in test-mlw1-azyme-woody-infra-baulk (npm)

The package test-mlw1-azyme-woody-infra-baulk was found to contain malicious code...

MAL-2025-36645 Malicious code in test-mlw2-woody-vulgo-fraus-kaons (npm)

The package test-mlw2-woody-vulgo-fraus-kaons was found to contain malicious code...

MAL-2025-34772 Malicious code in test-mlw1-azyme-woody-infra-baulk (npm)

The package test-mlw1-azyme-woody-infra-baulk was found to contain malicious code...

Malicious code in test-mlw2-azyme-woody-infra-baulk (npm)

The package test-mlw2-azyme-woody-infra-baulk was found to contain malicious code...

Malicious code in test-mlw2-woody-vulgo-fraus-kaons (npm)

The package test-mlw2-woody-vulgo-fraus-kaons was found to contain malicious code...