cleantalk
Vulnerabilities and Security Researches

Post Snippets – Custom WordPress Code Snippets Customizer, CVE-2026-25001

CVE, Research URL

CVE-2026-25001

Home page URL

Security reports for Post Snippets – Custom WordPress Code Snippets Customizer

Application

Post Snippets – Custom WordPress Code Snippets Customizer

Published on
Mar 25, 2026
Research Description
Improper Control of Generation of Code ('Code Injection') vulnerability in Saad Iqbal Post Snippets post-snippets allows Remote Code Inclusion.This issue affects Post Snippets: from n/a through <= 4.0.12.
Affected versions
max 4.0.12.
Status
vulnerable
Previous vulnerability researches
Post Snippets &#8211; Custom WordPress Code Snippets Customizer (CVE-2025-63040) , Jan 10, 2026
Post Snippets &#8211; Custom WordPress Code Snippets Customizer (CVE-2022-4974) , Nov 15, 2024
Post Snippets &#8211; Custom WordPress Code Snippets Customizer (CVE-2026-7430) , May 31, 2026
Post Snippets &#8211; Custom WordPress Code Snippets Customizer (CVE-2026-25001) , Mar 31, 2026
Post Snippets &#8211; Custom WordPress Code Snippets Customizer (CVE-2021-25010) , Jun 07, 2024
New vulnerability
StatCounter &#8211; Free Real Time Visitor Stats (CVE-2026-6275) , May 31, 2026
Post Snippets &#8211; Custom WordPress Code Snippets Customizer (CVE-2026-7430) , May 31, 2026
Poll Maker &#8211; Best WordPress Poll Plugin (CVE-2026-8995) , May 31, 2026
Login with phone number (CVE-2026-3655) , May 31, 2026
Spectra &#8211; WordPress Gutenberg Blocks (CVE-2026-7465) , May 31, 2026