CVE-2026-49113

HIGH

WordPress Cornerstone plugin < 7.8.8 - Arbitrary Code Execution vulnerability

Title source: cna
STIX 2.1

Description

Subscriber Arbitrary Code Execution in Cornerstone < 7.8.8 versions.

Scores

CVSS v3 8.5
EPSS 0.0037
EPSS Percentile 29.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-94
Status published
Products (1)
THEMECO/Cornerstone < 7.8.8
Published Jun 17, 2026
Tracked Since Jun 17, 2026