CVE-2025-26996 — Code Injection in Designs Sign-up Sheets

CWE-94 — Code Injection3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 66.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fetch Designs Sign-up Sheets

Timeline

PublishedApr 15

Latest updateApr 16

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Fetch Designs Sign-up Sheets sign-up-sheets allows Code Injection.This issue affects Sign-up Sheets: from n/a through <= 2.3.0.1.

Affected Packages1 packages

▶CVEListV5fetch_designs/sign-up_sheets2.3.0.1

🔴Vulnerability Details

GHSA

GHSA-88m8-cgv4-46m9: Improper Control of Generation of Code ('Code Injection') vulnerability in Fetch Designs Sign-up Sheets allows Code Injection↗2025-04-16

▶

CVEList

WordPress Sign-up Sheets plugin <= 2.3.0.1 - Shortcode Injection vulnerability↗2025-04-15

▶