Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.6
Nelio AB Testing Exposes Sensitive Data due to SQL Injection
CVE-2026-25378
Summary
Nelio AB Testing, a plugin for WordPress, is vulnerable to a security flaw that can allow hackers to access sensitive data. This means that an attacker could potentially steal or modify information stored in your website's database. To protect your site, update Nelio AB Testing to a version higher than 8.2.4.
Original title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects ...
Original description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through <= 8.2.4.
nvd CVSS3.1
7.6
Vulnerability type
CWE-89
SQL Injection
Published: 19 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026