CyberSecurityBoardThreat Intel · CVEs · Products
Critical CVEs

CVE-2026-49777: Critical Supply Chain Vulnerability in Product Slider Pro for WooCommerce

June 25, 2026

CVE-2026-49777 is a critical vulnerability in the Product Slider Pro for WooCommerce plugin from ShapedPlugin, with a CVSS score of 10.0. It was exploited in a supply chain attack where attackers injected backdoor code into the plugin's build and distribution pipeline.