Vulnerabilities > Improper Control of Generation of Code ('Code Injection')

DATE	CVE	VULNERABILITY TITLE	RISK
2025-05-08	CVE-2025-26845	Code Injection vulnerability in Znuny An Eval Injection issue was discovered in Znuny through 7.1.3. network low complexity znuny CWE-94 critical	9.8
2025-05-08	CVE-2025-4208	Code Injection vulnerability in Basixonline Nex-Forms The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Limited Code Execution in all versions up to, and including, 8.9.1 via the get_table_records function. network low complexity basixonline CWE-94	6.3
2025-05-08	CVE-2024-13793	Code Injection vulnerability in D-Themes Wolmart The Wolmart \| Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.8.11. network low complexity d-themes CWE-94	7.3
2025-05-07	CVE-2023-7303	A vulnerability, which was classified as problematic, was found in q2apro q2apro-on-site-notifications up to 1.4.6. network low complexity CWE-94	3.5
2025-05-06	CVE-2025-4324	A vulnerability, which was classified as problematic, was found in MRCMS 3.1.2. network low complexity CWE-94	2.4
2025-05-06	CVE-2025-4325	A vulnerability has been found in MRCMS 3.1.2 and classified as problematic. network low complexity CWE-94	2.4
2025-05-06	CVE-2025-4326	A vulnerability was found in MRCMS 3.1.2 and classified as problematic. network low complexity CWE-94	2.4
2025-05-06	CVE-2025-2802	The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.3.1. network low complexity CWE-94	7.3
2025-05-06	CVE-2025-4323	A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. network low complexity CWE-94	2.4
2025-05-05	CVE-2025-4292	A vulnerability has been found in MRCMS 3.1.3 and classified as problematic. network low complexity CWE-94	2.4