Product

The Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets Plugin <= 4.2.2

1 brief RSS

WordPress Widget Options Plugin Remote Code Execution Vulnerability (CVE-2026-2052)

The Widget Options plugin for WordPress is vulnerable to Remote Code Execution (CVE-2026-2052) due to insufficient input sanitization in the Display Logic feature, allowing authenticated attackers with Contributor-level access and above to execute arbitrary code on the server.

The Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets plugin <= 4.2.2 wordpress rce plugin

2r 1t 1c 2d ago