{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-67944", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2025-12-15T10:00:06.384Z", "datePublished": "2026-01-22T16:51:54.109Z", "dateUpdated": "2026-04-28T16:14:24.474Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "nelio-ab-testing", "product": "Nelio AB Testing", "vendor": "Nelio Software", "versions": [{"changes": [{"at": "8.2.0", "status": "unaffected"}], "lessThanOrEqual": "8.1.8", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "daroo | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-22T14:21:25.111Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.<p>This issue affects Nelio AB Testing: from n/a through <= 8.1.8.</p>"}], "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through <= 8.1.8."}], "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "Code Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "description": "Improper Control of Generation of Code ('Code Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:24.474Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/nelio-ab-testing/vulnerability/wordpress-nelio-ab-testing-plugin-8-1-8-arbitrary-code-execution-vulnerability?_s_id=cve"}], "title": "WordPress Nelio AB Testing plugin <= 8.1.8 - Arbitrary Code Execution vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-27T18:06:45.953611Z", "id": "CVE-2025-67944", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-27T18:06:51.079Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-67944", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-27T18:06:45.953611Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-28T16:21:41.076Z"}}], "cna": {"title": "WordPress Nelio AB Testing plugin <= 8.1.8 - Arbitrary Code Execution vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "daroo | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "Code Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Nelio Software", "product": "Nelio AB Testing", "versions": [{"status": "affected", "changes": [{"at": "8.2.0", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "8.1.8"}], "packageName": "nelio-ab-testing", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-22T14:21:25.111Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/nelio-ab-testing/vulnerability/wordpress-nelio-ab-testing-plugin-8-1-8-arbitrary-code-execution-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through <= 8.1.8.", "supportingMedia": [{"type": "text/html", "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.<p>This issue affects Nelio AB Testing: from n/a through <= 8.1.8.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-23T14:13:55.205Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67944", "state": "PUBLISHED", "dateUpdated": "2026-04-27T18:06:51.079Z", "dateReserved": "2025-12-15T10:00:06.384Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-01-22T16:51:54.109Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through <= 8.1.8."}, {"lang": "es", "value": "Vulnerabilidad de Control Inadecuado de la Generaci\u00f3n de C\u00f3digo ('Inyecci\u00f3n de C\u00f3digo') en Nelio Software Nelio AB Testing nelio-ab-testing permite la Inyecci\u00f3n de C\u00f3digo. Este problema afecta a Nelio AB Testing: desde n/a hasta &lt;= 8.1.8."}], "id": "CVE-2025-67944", "lastModified": "2026-04-27T18:16:50.983", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2026-01-22T17:16:04.043", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/nelio-ab-testing/vulnerability/wordpress-nelio-ab-testing-plugin-8-1-8-arbitrary-code-execution-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T21:34:52.752132+00:00", "value": {"mitigation_remediation": ["Upgrade Nelio AB Testing to a version newer than 8.1.8.", "If an upgrade cannot be performed immediately, disable or delete the plugin to block the vulnerable code path until a patch is applied.", "Run a file integrity check and audit WordPress logs for signs of unauthorized code execution to ensure no malicious code remains on the system."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "Nelio AB Testing plugin by Nelio Software installed on WordPress environments, from the earliest release up through 8.1.8. Both the core plugin and any plugin\u2011based code that relies on it are affected.", "description_and_impact": "The vulnerability is an improper control of code generation (CWE\u201194) that lets an attacker inject and execute arbitrary code through the Nelio AB Testing plugin. Any user who can interact with the plugin\u2019s features could cause the server to run malicious code, potentially compromising confidentiality, integrity, and availability of the entire WordPress site. The problem exists in versions 8.1.8 and earlier, exposing the application to full remote code execution. The risk is high.", "risk_and_exploitability": "The CVSS base score of 9.1 indicates a critical level of severity. The EPSS value of <1% suggests exploitation is unlikely at this moment, but the presence of a public description and known exploitation potential means attackers could still target it. The vulnerability is not listed in the CISA KEV catalogue, indicating no evidence of active exploitation yet. Attackers would need to interact with plugin\u2011provided endpoints, most likely via unauthenticated HTTP requests or exploiting existing remote administration privileges. Given the fully remote nature, the risk to exposed sites is substantial, especially those with default or weak authentication configurations."}}}}, "created": "2026-01-23T16:31:09.674297+00:00", "updated": "2026-04-27T21:45:14.520859+00:00", "vendors": ["neliosoftware", "neliosoftware$PRODUCT$nelio_ab_testing", "wordpress", "wordpress$PRODUCT$wordpress"]}