Primary

Context

WordPress Woody Ad Snippets Plugin Code Injection Vulnerability Allowing Remote Code Execution

Vulnerability

A code injection vulnerability has been identified in the WordPress Woody Ad Snippets plugin, specifically in versions through 2.7.1. This vulnerability allows for remote code execution, enabling attackers to execute commands on the affected website, potentially leading to full control over the site.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected website, which could be used to gain unauthorized access and control over the site.

Remediation

Users of the Woody Ad Snippets plugin should update to version 2.7.2 or later. Patchstack users can enable auto-update for vulnerable plugins.

Added: Mar 25, 2026, 8:25 PM

Updated: Mar 25, 2026, 8:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WordPress Woody Ad Snippets Plugin Code Injection Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating