CVE-2026-4001 Blast Radius

CRITICAL • CVSS 9.8The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.4.1 via

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-4001.

Start Free Scan →← Back to CVE-2026-4001