CVE-2026-49113
Deferred Deferred - Pending Action

Subscriber Arbitrary Code Execution in Cornerstone

Vulnerability report for CVE-2026-49113, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: Patchstack

Description

Subscriber Arbitrary Code Execution in Cornerstone < 7.8.8 versions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-17
Last Modified
2026-06-17
Generated
2026-07-07
AI Q&A
2026-06-17
EPSS Evaluated
2026-07-06
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
cornerstone cornerstone to 7.8.8 (exc)
cornerstone plugin to 7.8.8 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The WordPress Cornerstone Plugin versions below 7.8.8 contain a vulnerability that allows attackers to execute arbitrary code remotely on affected websites.

This means an attacker can run malicious code on your site without authorization, potentially compromising the entire system.

Impact Analysis

This vulnerability can lead to severe security risks including unauthorized control over your website.

  • Attackers can remotely execute malicious code.
  • It can result in mass-exploit campaigns affecting thousands of sites.
  • Potential full compromise of website integrity, confidentiality, and availability.

Immediate action such as updating the plugin to version 7.8.8 or later is required to mitigate these risks.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to update the WordPress Cornerstone Plugin to version 7.8.8 or later.

If updating the plugin is not possible immediately, users should seek assistance from their hosting provider or web developer.

Additionally, Patchstack has provided a mitigation rule to block attacks targeting this vulnerability until the plugin can be updated.

Detection Guidance

The vulnerability affects WordPress Cornerstone Plugin versions below 7.8.8 and allows remote arbitrary code execution. Detection involves verifying the plugin version installed on your system.

To detect if your system is vulnerable, check the installed version of the Cornerstone plugin. For example, if you have command line access to the WordPress installation, you can run commands to inspect the plugin version.

  • Navigate to the WordPress plugins directory, typically wp-content/plugins/cornerstone.
  • Check the version in the plugin's main PHP file (usually cornerstone.php) by looking for the Version header, e.g., using: grep 'Version' cornerstone.php
  • Alternatively, use WP-CLI to check the plugin version: wp plugin get cornerstone --field=version

If the version is below 7.8.8, your system is vulnerable and immediate update or mitigation is recommended.

Patchstack has provided a mitigation rule to block attacks until the plugin is updated, so applying such rules on your web application firewall or intrusion prevention system can help detect or block exploitation attempts.

Compliance Impact

The vulnerability allows remote attackers to execute arbitrary code on affected websites, which can lead to unauthorized access, data breaches, and potential compromise of sensitive information.

Such security breaches can impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access and cyberattacks.

Therefore, failing to address this vulnerability in the Cornerstone plugin could result in non-compliance with these regulations due to increased risk of data exposure and security incidents.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-49113. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart