Woody ad snippets
This hub aggregates every CVE we track for Woody ad snippets, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM2CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
2024-072026-06
Latest CVEs
The 5 most recently published vulnerabilities affecting Woody ad snippets.
- CVE-2026-25366WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability9.9
- CVE-2024-35751WordPress Woody code snippets plugin <= 2.4.10 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2019-16289The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.5.4
- CVE-2019-15858admin/includes/class.import.snippet.php in the "Woody ad snippets" plugin before 2.2.5 for WordPress allows unauthenticated options import, as demonstrated by storing an XSS payload for remote code...8.8
- CVE-2019-14773admin/includes/class.actions.snippet.php in the "Woody ad snippets" plugin through 2.2.5 for WordPress allows wp-admin/admin-post.php?action=close&post= deletion.7.5
Product normalization is registry-driven with AI assist and human review. How it works