PT-2026-46911 · WordPress · Product Slider For Woocommerce

Published

2026-06-05

Updated

2026-06-18

CVE-2026-49777

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Product Slider Pro for WooCommerce versions prior to 3.5.4

Description Improper validation of input parameters related to specified quantities allows unauthenticated remote attackers to implant malicious software and execute arbitrary commands, potentially gaining full control over affected WordPress sites. This issue is characterized as a supply chain backdoor.

Recommendations Update to version 3.5.4 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1284

Related Identifiers

CVE-2026-49777

Affected Products

Product Slider For Woocommerce

PT-2026-46911 · WordPress · Product Slider For Woocommerce

CVE-2026-49777

Weakness Enumeration

Related Identifiers

Affected Products

References · 8