A critical vulnerability, CVE-2026-40783, was published on June 17, 2026, affecting Blocksy Companion Pro plugin versions <= 2.1.37. This vulnerability allows a contributor to execute remote code, posing a significant risk to WordPress sites using the affected plugin. The CVSS score is 9.9, indicating a critical severity. Users should immediately update to a patched version or apply mitigations to prevent [truncated]
CVE-2026-39596 is a critical vulnerability in the Blocksy Companion Pro plugin, which allows unauthenticated SQL injection attacks. The vulnerability has a CVSS score of 9.3 and is considered critical. It was published on June 17, 2026, and last modified on the same day. The vendor and product information is not confirmed, but the vulnerability is reported by Patchstack. This vulnerability can allow attac [truncated]
