Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.6
WordPress Plugin Vulnerability Allows Malicious Code Injection
BELL-CVE-2026-28419
Summary
A security issue was found in a popular WordPress plugin that allows attackers to inject malicious code into websites. This could lead to unauthorized access, data theft, or website compromise. Website owners should update the plugin to the latest version immediately to prevent potential attacks.
What to do
- Update bellsoft vim to version 9.2.0078-r0.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| bellsoft | vim | > 9.0.0820-r2 , <= 9.2.0078-r0 | 9.2.0078-r0 |
| bellsoft | vim | > 9.1.1415-r0 , <= 9.2.0078-r0 | 9.2.0078-r0 |
| bellsoft | vim | > 9.0.1395-r0 , <= 9.2.0078-r0 | 9.2.0078-r0 |
Original title
BELL-CVE-2026-28419
osv CVSS3.1
6.6
- https://docs.bell-sw.com/security/cves/CVE-2026-28419 Vendor Advisory
Published: 2 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026