CVE-2026-32367

Critical CVSS: 9.1

Improper Control of Generation of Code ('Code Injection') vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through <= 3.5.16.

Vendor

Product

CWE

CWE-94

Yayın Tarihi

2026-03-13 19:54:50

Güncelleme

2026-03-16 15:16:23

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-94 CRITICAL 2026

Referanslar

https://patchstack.com/database/Wordpress/Plugin/modal-dialog/vulnerability/wordpress-modal-dialog-plugin-3-5-16-remote-code-execution-rce-vulnerability?_s_id=cve