CVE-2026-49113
Deferred - Pending Action
Subscriber Arbitrary Code Execution in Cornerstone

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: Patchstack

Description
Subscriber Arbitrary Code Execution in Cornerstone < 7.8.8 versions.
Affected Vendors & Products
Vendor      | Product     | Version / Range
cornerstone | cornerstone | to 7.8.8 (exclusive)
cornerstone | plugin      | to 7.8.8 (exclusive)
CWE ID | Description
CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Detection Guidance

The vulnerability affects WordPress Cornerstone Plugin versions below 7.8.8 and allows remote arbitrary code execution. Detection involves verifying the plugin version installed on your system.

To detect if your system is vulnerable, check the installed version of the Cornerstone plugin. For example, if you have command line access to the WordPress installation, you can run commands to inspect the plugin version.

  • Navigate to the WordPress plugins directory, typically wp-content/plugins/cornerstone.
  • Check the version in the plugin's main PHP file (usually cornerstone.php) by looking for the Version header, e.g., using: grep 'Version' cornerstone.php
  • Alternatively, use WP-CLI to check the plugin version: wp plugin get cornerstone --field=version

If the version is below 7.8.8, your system is vulnerable and immediate update or mitigation is recommended.
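
The version check from the steps above, as an added shell example that is not part of the original page or the plugin's code: it reads the Version header from cornerstone.php and compares it component by component with 7.8.8. The function names and the path in the usage comment are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the advisory or the plugin): offline version check.
FIXED_VERSION="7.8.8"   # first fixed release according to this page

# Print the Version header of a plugin main file. WordPress only reads
# plugin headers from the first 8 KiB, so the search is limited to that.
plugin_version() {
    head -c 8192 "$1" |
        sed -n 's|^[[:space:]/*#@]*Version:[[:space:]]*\([0-9][0-9A-Za-z.+-]*\).*|\1|p' |
        head -n 1
}

# Succeed if $1 is lower than $2. Components are compared as numbers, so
# 7.10.0 is correctly newer than 7.8.8; suffixes such as "-beta" are ignored.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# Report on one plugin directory. Returns 0 = fixed, 1 = vulnerable, 2 = unknown.
check_cornerstone() {
    main="$1/cornerstone.php"
    [ -r "$main" ] || { echo "unknown: cannot read $main"; return 2; }
    v=$(plugin_version "$main")
    [ -n "$v" ] || { echo "unknown: no Version header in $main"; return 2; }
    if version_lt "$v" "$FIXED_VERSION"; then
        echo "VULNERABLE: $1 has Cornerstone $v (< $FIXED_VERSION)"
        return 1
    fi
    echo "ok: $1 has Cornerstone $v"
    return 0
}

# Usage (example path): sh check.sh /var/www/*/wp-content/plugins/cornerstone
for dir in "$@"; do
    check_cornerstone "$dir" || true   # one verdict line per directory
done
```

A plain string comparison would rank 7.10.0 below 7.8.8, which is why the components are compared as numbers.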

Patchstack has provided a mitigation rule to block attacks until the plugin is updated, so applying such rules on your web application firewall or intrusion prevention system can help detect or block exploitation attempts.

Executive Summary

The WordPress Cornerstone Plugin versions below 7.8.8 contain a vulnerability that allows attackers to execute arbitrary code remotely on affected websites.

This means an attacker can run malicious code on your site without authorization, potentially compromising the entire system.

Impact Analysis

This vulnerability can lead to severe security risks including unauthorized control over your website.

  • Attackers can remotely execute malicious code.
  • It can result in mass-exploit campaigns affecting thousands of sites.
  • Potential full compromise of website integrity, confidentiality, and availability.

Immediate action such as updating the plugin to version 7.8.8 or later is required to mitigate these risks.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to update the WordPress Cornerstone Plugin to version 7.8.8 or later.

If updating the plugin is not possible immediately, users should seek assistance from their hosting provider or web developer.

Additionally, Patchstack has provided a mitigation rule to block attacks targeting this vulnerability until the plugin can be updated.
