Remote Code Execution Vulnerability in Widget Options by WordPress
CVE-2026-54823
9.9CRITICAL
What is CVE-2026-54823?
A remote code execution vulnerability exists in the Widget Options plugin for WordPress, specifically affecting versions 4.2.3 and earlier. This flaw allows attackers to execute arbitrary code on the server, posing significant risks to the integrity and confidentiality of affected sites. Websites utilizing these versions of Widget Options are strongly advised to update promptly and ensure that security measures are in place to mitigate any potential exploitation.
Affected Version(s)
Widget Options <= 4.2.3