CVE-2026-27984

{"id": "CVE-2026-27984", "cveTags": [], "metrics": {}, "published": "2026-03-05T06:16:30.510", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/widget-options/vulnerability/wordpress-widget-options-plugin-4-1-3-remote-code-execution-rce-vulnerability?_s_id=cve", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through <= 4.1.3."}], "lastModified": "2026-03-05T19:38:53.383", "sourceIdentifier": "[email protected]"}