A flaw in two WordPress plugins allowed malicious comments to run PHP code on sites.

Elegant Themes announced that several of their products contained a code injection vulnerability and should be updated right away. The vulnerability allows an untrustworthy user to execute PHP ...

This may aid them in brute-force password cracking or other attacks. phpMyAdmin ‘setup.php’ PHP Code Injection Vulnerability: phpMyAdmin is prone to a remote PHP code-injection vulnerability.

Security vendor Wordfence has revealed a new PHP code injection vulnerability with a CVSS score of 9.8, which could enable remote code execution (CVE-2023-6553). The impacted plugin, Backup Migration, ...

The majority of the remaining vulnerabilities are marked as "moderately critical ". Among other things, PHP code injection can occur at these points, allowing attackers to execute their own code.

There is a remote PHP code-injection vulnerability (PMASA-2009-4) affecting phpMyAdmin.

A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the ...