Skip to main content

Nelio Ab Testing

2 CVEs product

Monthly

CVE-2026-40742 MEDIUM This Month

Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio AB Testing: from n/a through <= 8.2.8.

Authentication Bypass Nelio Ab Testing
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-32573 CRITICAL Act Now

A Code Injection vulnerability (CWE-94) exists in Nelio AB Testing WordPress plugin through version 8.2.7 that allows attackers to execute arbitrary code on affected installations. The vulnerability affects the Nelio Software product across all versions up to and including 8.2.7, potentially enabling remote code execution (RCE). This is a critical severity issue as it permits unauthenticated or low-privilege attackers to gain complete control over WordPress sites running the vulnerable plugin.

Code Injection RCE Nelio Ab Testing
NVD VulDB
CVSS 3.1
9.1
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio AB Testing: from n/a through <= 8.2.8.

Authentication Bypass Nelio Ab Testing
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

A Code Injection vulnerability (CWE-94) exists in Nelio AB Testing WordPress plugin through version 8.2.7 that allows attackers to execute arbitrary code on affected installations. The vulnerability affects the Nelio Software product across all versions up to and including 8.2.7, potentially enabling remote code execution (RCE). This is a critical severity issue as it permits unauthenticated or low-privilege attackers to gain complete control over WordPress sites running the vulnerable plugin.

Code Injection RCE Nelio Ab Testing
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy