Nelio Ab Testing CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-67944	2 Neliosoftware, Wordpress	2 Nelio Ab Testing, Wordpress	2026-01-24	N/A
Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through <= 8.1.8.
CVE-2017-18547	1 Neliosoftware	1 Nelio Ab Testing	2024-11-21	N/A
The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms.
CVE-2016-10977	1 Neliosoftware	1 Nelio Ab Testing	2024-11-21	6.5 Medium
The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal.
CVE-2016-10927	1 Neliosoftware	1 Nelio Ab Testing	2024-11-21	N/A
The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php.
CVE-2016-10926	1 Neliosoftware	1 Nelio Ab Testing	2024-11-21	N/A
The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php.

Page 1 of 1.