CVE-2026-15158 Blast Radius

CRITICAL • CVSS 9.8The Blocksy Companion plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.1.46 via the save_attachment

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-15158.