Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.9
Malicious Code Can Be Injected into Builderall for WordPress
CVE-2026-22390
Summary
A security flaw in Builderall Builder for WordPress allows attackers to inject malicious code into a website. This could lead to unauthorized access to sensitive data or website compromise. Update to version 3.0.2 or later to fix this issue.
Original title
Improper Control of Generation of Code ('Code Injection') vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall ...
Original description
Improper Control of Generation of Code ('Code Injection') vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Builder for WordPress: from n/a through <= 3.0.1.
Vulnerability type
CWE-94
Code Injection
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026