Code Injection Vulnerability in Nelio Software Nelio AB Testing Product
CVE-2026-32573

9.1CRITICAL

Key Information:

Vendor: WordPress
Status: Nelio Ab Testing
Vendor: CVE Published:; 25 March 2026

What is CVE-2026-32573?

The Nelio AB Testing product from Nelio Software is susceptible to a code injection vulnerability that allows attackers to execute arbitrary code. This vulnerability impacts versions from n/a through 8.2.7, posing significant risks to users who have not updated their software. It is essential for administrators to ensure they are using the most recent version of the software to mitigate potential exploitation.

Affected Version(s)

Nelio AB Testing <= n/a

References

https://patchstack.com/database/Wordpress/Plugin/nelio-ab...

vdb-entry

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 25, 2026
Vulnerability Reserved
Mar 12, 2026

Credit

daroo | Patchstack Bug Bounty Program

CVE-2026-32573 Data

JSON

WordPress

What is CVE-2026-32573?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit