CYBERHAWK / CVE / CVE-2026-8365

CVE-2026-8365

HIGH CVSS 8.8 other

The flaw

The Blocksy theme for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution via the 'blocksy_meta' REST API field and the V200 database migration in versions up to and including 2.1.35. This is due to insufficient

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2026-8365

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits