CVE-2026-22390

{"id": "CVE-2026-22390", "cveTags": [], "metrics": {}, "published": "2026-03-05T06:16:13.520", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/builderall-cheetah-for-wp/vulnerability/wordpress-builderall-builder-for-wordpress-plugin-3-0-1-remote-code-execution-rce-vulnerability?_s_id=cve", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through <= 3.0.1."}], "lastModified": "2026-03-05T19:38:53.383", "sourceIdentifier": "[email protected]"}