Platform
wordpress
Component
builderall-cheetah-for-wp
Fixed in
3.0.2
CVE-2026-22390 describes a Remote Code Execution (RCE) vulnerability within the Builderall Builder for WordPress plugin. This flaw allows attackers to inject arbitrary code, potentially gaining complete control over the affected WordPress site. The vulnerability impacts versions from 0.0.0 up to and including 3.0.1. A fix is expected from Builderall, and users are advised to monitor for updates.
The impact of this RCE vulnerability is severe. A successful exploit allows an attacker to execute arbitrary code on the web server hosting the WordPress site. This could lead to complete compromise of the site, including data theft, defacement, malware installation, and lateral movement to other systems on the network. The attacker could potentially gain access to sensitive user data, database credentials, and other critical information. Given the plugin's functionality, the attacker could also modify the website's content and appearance, disrupting business operations and damaging the organization's reputation.
CVE-2026-22390 was publicly disclosed on 2026-03-05. As of this date, no public proof-of-concept (PoC) code has been released. The EPSS score is pending evaluation, but the CRITICAL CVSS score suggests a high probability of exploitation if a PoC becomes available. Monitor CISA and other security advisories for updates and potential exploitation campaigns.
Exploit Status
EPSS
0.05% (16% percentile)
CISA SSVC
CVSS Vector
While a patched version is the definitive solution, immediate mitigation steps are crucial. Implement a Web Application Firewall (WAF) with rules to block suspicious code injection attempts. Strictly validate all user inputs to prevent malicious code from being processed. Consider temporarily disabling the Builderall Builder for WordPress plugin if upgrading immediately is not possible. Monitor server logs for any unusual activity or code execution attempts. After applying any mitigation, verify its effectiveness by attempting to trigger the vulnerability with a safe test payload.
No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-22390 is a critical Remote Code Execution vulnerability in the Builderall Builder for WordPress plugin, allowing attackers to execute arbitrary code on the server.
You are affected if you are using Builderall Builder for WordPress versions 0.0.0 through 3.0.1. Check your plugin version immediately.
Upgrade to the latest patched version of the Builderall Builder for WordPress plugin as soon as it becomes available. Monitor Builderall's website for updates.
As of the disclosure date, there is no confirmed active exploitation, but the CRITICAL severity suggests a high likelihood if a PoC is released.
Check the official Builderall website and security advisory pages for updates and information regarding CVE-2026-22390.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.