Skip to main content

Five Star Business Profile and Schema EUVDEUVD-2026-41338

| CVE-2026-27436 CRITICAL
Code Injection (CWE-94)
2026-07-02 Patchstack GHSA-5qwh-74pw-p44j
9.1
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
vuln.today AI
9.1 CRITICAL

Network-reachable authenticated code injection requiring an Editor/high-privilege role (PR:H), no user interaction, with RCE breaching the host beyond the plugin (S:C) and full C/I/A loss.

3.1 AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jul 02, 2026 - 12:00 vuln.today

DescriptionCVE.org

Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions.

AnalysisAI

Remote code execution in the Five Star Business Profile and Schema WordPress plugin (versions up to and including 2.3.19) allows an attacker holding an Editor-level or higher account to inject and execute arbitrary PHP code on the host. Reported by Patchstack and rated CVSS 9.1 due to its scope-changing impact, the flaw turns a trusted content role into full server compromise. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain Editor-level WordPress credentials
Delivery
Access vulnerable plugin function
Exploit
Inject crafted PHP payload
Execution
Payload executed by server as web user
Persist
Deploy web shell and exfiltrate credentials
Impact
Full site and host compromise

Vulnerability AssessmentAI

Exploitation Exploitation requires an authenticated WordPress account with the Editor role (or higher) on a site running Five Star Business Profile and Schema version 2.3.19 or earlier, per the CVSS PR:H metric and the 'Editor Arbitrary Code Execution' title. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H, score 9.1 Critical) describes a network-reachable, low-complexity flaw that requires high privileges (PR:H) and no user interaction, yielding full confidentiality, integrity and availability loss with scope change. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained or been granted an Editor-level WordPress account - for example through a phished author credential or a malicious sub-user on a multi-contributor site - submits crafted input to the vulnerable plugin function, causing their PHP payload to be stored and executed on the server. With code running as the web-server user, they establish a web shell, harvest wp-config.php database credentials, and pivot to full site takeover. …
Remediation Upgrade the Five Star Business Profile and Schema plugin to the first release above 2.3.19; the input data confirms all versions through 2.3.19 are vulnerable but does not specify the exact fixed version, so consult the Patchstack advisory (https://patchstack.com/database/wordpress/plugin/business-profile/vulnerability/wordpress-five-star-business-profile-and-schema-plugin-2-3-19-arbitrary-code-execution-vulnerability) and the plugin's WordPress.org changelog for the patched build. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Audit WordPress installations to identify Five Star Business Profile and Schema plugin at versions through 2.3.19; document all accounts with Editor or Administrator roles on affected sites. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-41338 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy