CVE-2026-27414
Deferred Deferred - Pending Action

PHP Object Injection in Werkstatt <= 4.8.3

Vulnerability report for CVE-2026-27414, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-02

Last updated on: 2026-07-02

Assigner: Patchstack

Description

Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-02
Last Modified
2026-07-02
Generated
2026-07-02
AI Q&A
2026-07-02
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-27414 is a PHP Object Injection vulnerability found in the WordPress Werkstatt Theme versions up to and including 4.8.3.

This vulnerability allows attackers to inject malicious PHP objects if a suitable Property-Oriented Programming (POP) chain is present.

It can be exploited by users with contributor or developer level access, meaning it does not require high privileges.

Impact Analysis

This vulnerability can lead to several severe impacts including remote code execution, SQL injection, path traversal, and denial of service attacks.

Because of these potential exploits, attackers could take control of the affected system, access or manipulate sensitive data, disrupt service availability, or compromise the integrity of the website.

Detection Guidance

There is no specific detection command or method provided for this vulnerability in the available resources.

However, since the vulnerability affects the WordPress Werkstatt Theme versions up to 4.8.3, detection can start by verifying the theme version installed on your system.

  • Check the WordPress theme version via the WordPress admin dashboard under Appearance > Themes.
  • Alternatively, use command line to check the theme version by inspecting the style.css file in the theme directory, for example:
  • grep 'Version:' wp-content/themes/werkstatt/style.css

No specific network detection commands or signatures are provided to detect exploitation attempts.

Mitigation Strategies

Immediate mitigation steps include updating the WordPress Werkstatt Theme to a version higher than 4.8.3 as soon as an official patch or update is available.

Since no official patch is currently available, Patchstack has issued a mitigation rule to block potential attacks until a fix is released.

  • Apply the Patchstack mitigation rule to block exploit attempts.
  • Contact your hosting provider or web developer for assistance if you cannot update the theme yourself.

Avoid granting contributor or developer privileges to untrusted users, as the exploit requires only basic access.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27414. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart