cleantalk
Vulnerabilities and Security Researches

Widget Wrangler, CVE-2026-25447

CVE, Research URL

CVE-2026-25447

Home page URL

Security reports for Widget Wrangler

Application

Widget Wrangler

Published on
Mar 25, 2026
Research Description
Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a through <= 2.3.9.
Affected versions
max 2.3.9.
Status
vulnerable
Previous vulnerability researches
Wireless Butler (CVE-2025-26997) , Apr 15, 2025
New vulnerability
Royal Elementor Addons and Templates (CVE-2026-28135) , Mar 29, 2026
Royal Elementor Addons and Templates (CVE-2025-13067) , Mar 29, 2026
Gift Up Gift Cards for WordPress and WooCommerce (CVE-2026-32412) , Mar 29, 2026
WP Telegram Widget and Join Link (CVE-2026-23807) , Mar 29, 2026
Gutenberg Blocks &#8211; Unlimited blocks For Gutenberg (CVE-2026-25438) , Mar 29, 2026