CVE Catalog

CVE-2026-57315

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.35%

27th percentile — higher than 27% of all known CVEs

Summary

The vulnerability allows remote code execution (RCE) in the Blocksy Companion Pro plugin up to version 2.1.45. An attacker can exploit this flaw to take control of the server.

Risk Assessment

The risk includes full server compromise, data theft, content modification, and further attacks on the infrastructure.

Recommendation

Immediately update the Blocksy Companion Pro plugin to a version higher than 2.1.45.

Original NVD description (English source)

Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.45 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS