Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.0
Marketing Fire Widget Options allows malicious code to be injected
CVE-2026-27984
Summary
A security issue in Marketing Fire Widget Options allows attackers to inject malicious code, which could allow them to access sensitive information or take control of a website. This affects versions up to 4.1.3 of the widget. Users should update to a fixed version to prevent this issue.
Original title
Improper Control of Generation of Code ('Code Injection') vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through <= ...
Original description
Improper Control of Generation of Code ('Code Injection') vulnerability in Marketing Fire Widget Options widget-options allows Code Injection.This issue affects Widget Options: from n/a through <= 4.1.3.
Vulnerability type
CWE-94
Code Injection
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026