Screenshot of BaseFortify CVE report page for CVE-2026-3300, showing details about remote code execution via form input and a CVSS score of 9.8.

Technical details:

• CWE-94: Code Injection
• User input concatenated into eval()
• No proper escaping of PHP context
• Triggered via normal form fields

Impact: Unauthenticated remote code execution

#Vulnerability #InfoSec #WordPressSecurity #CWE94