CVE-2026-3891 Blast Radius

CRITICAL • CVSS 9.8The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-3891.

Start Free Scan →← Back to CVE-2026-3891