WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution

WordPress Woody Ad Snippets prior to 2.2.5 is susceptible to cross-site scripting and remote code execution via admin/includes/class.import.snippet.php, which allows unauthenticated options import as demonstrated by storing a cross-site scripting payload for remote code execution. id:...

CVE-2026-25366

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

EUVD-2026-15689

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

CVE-2026-25366

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

CVE-2026-25366 WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

CVE-2026-25366

CVE-2026-25366 concerns WordPress plugin Themeisle Woody ad snippets insert-php (vulnerable:

CVE-2026-25366 WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through = 2.7.1...

WordPress plugin Woody ad snippets 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

PT-2026-27924

Name of the Vulnerable Software and Affected Versions Woody ad snippets versions through 2.7.1 Description A code injection issue exists in Themeisle Woody ad snippets insert-php. The issue involves improper control of code generation, potentially allowing for code injection. The vulnerable...

WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Woody ad snippets versions = 2.7.1...

Malicious Package

Overview @woody-mrs-potato/utils-banking is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and th...

EUVD-2019-5909

Malware in sbrugna...

EUVD-2020-24200

Malware in sbrugna...

EUVD-2024-35509

Malicious code in bioql PyPI...

Malicious code in test-mlw1-azyme-woody-infra-baulk (npm)

The package test-mlw1-azyme-woody-infra-baulk was found to contain malicious code...

Malicious code in test-mlw2-azyme-woody-infra-baulk (npm)

The package test-mlw2-azyme-woody-infra-baulk was found to contain malicious code...

Malicious code in test-mlw2-woody-vulgo-fraus-kaons (npm)

The package test-mlw2-woody-vulgo-fraus-kaons was found to contain malicious code...

MAL-2025-34920 Malicious code in test-mlw2-azyme-woody-infra-baulk (npm)

The package test-mlw2-azyme-woody-infra-baulk was found to contain malicious code...

MAL-2025-36645 Malicious code in test-mlw2-woody-vulgo-fraus-kaons (npm)

The package test-mlw2-woody-vulgo-fraus-kaons was found to contain malicious code...

MAL-2025-34772 Malicious code in test-mlw1-azyme-woody-infra-baulk (npm)

The package test-mlw1-azyme-woody-infra-baulk was found to contain malicious code...