CVE-2026-49774

CRITICAL NVD

CVSS Score 9.9

Severity CRITICAL

Published Jun 16, 2026

Vendor unknown

Description

Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0.

References

https://patchstack.com/database/wordpress/plugin/integracao-rd-station/vulnerability/wordpress-rd-station-plugin-5-6-0-remote-code-execution-rce-vulnerability?_s_id=cve