{"vulnerability": "CVE-2026-9725", "sightings": [{"uuid": "ac9c43bc-fd01-4edb-be2b-d92da687dce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9725", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mppuinqzrc24", "content": "CVE-2026-9725 - Printcart Web to Print Product Designer for WooCommerce\nCVE ID : CVE-2026-9725\n \n Published : July 3, 2026, 4:30 a.m. | 1\u00a0hour, 16\u00a0minutes ago\n \n Description : The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress is vulnerable to Arb...", "creation_timestamp": "2026-07-03T05:58:31.535689Z"}, {"uuid": "6103c4f7-07e6-405b-b277-b0146a3c3028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9725", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116854516946886983", "content": "CRITICAL: CVE-2026-9725 in Printcart Web to Print Product Designer for WooCommerce \u22642.5.2 enables unauthenticated file deletion via path traversal. No patch yet \u2014 restrict AJAX endpoints &amp; monitor logs. https://radar.offseq.com/threat/cve-2026-9725-cwe-22-improper-limitation-of-a-path-a96c709af943903a #OffSeq #WordPress #CVE2026_9725 #PathTraversal", "creation_timestamp": "2026-07-03T06:00:26.597921Z"}, {"uuid": "9978276b-5369-4424-a26c-db8167a22fcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9725", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mppum3yfj425", "content": "Printcart Web to Print Product Designer \u22642.5.2 has a CRITICAL path traversal (CVE-2026-9725) allowing unauth file deletion. Restrict endpoints &amp; monitor for abuse until official fix. https://radar.offseq.com/threat/cve-2026-9725-cwe-22-improper-limitation-of-a-path-a96c709af943903a #OffSeq #WordP...", "creation_timestamp": "2026-07-03T06:00:27.719868Z"}, {"uuid": "e2a41a83-349b-48d9-a938-74ded08811d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9725", "type": "seen", "source": "https://bsky.app/profile/atomicedge.bsky.social/post/3mpqmx5fo7a2r", "content": "CVE-2026-9725 printcart-integration (CVSS Score 9.1) \n\n#WordPress plugin #vulnerability #cybersecurity #wordpressfirewall #hacking #wpsecurity #atomicedge #cybersecurity #malware #vulnerabilityresearch #cve #redteam #proofofconcept", "creation_timestamp": "2026-07-03T13:16:07.477709Z"}, {"uuid": "2e82542f-c645-422d-aa1b-c9137efbfa34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9725", "type": "seen", "source": "https://bsky.app/profile/kriptabiz.bsky.social/post/3mprghtmjtu2d", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-9725 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Printcart \u0434\u043b\u044f WooCommerce: \u0443\u0433\u0440\u043e\u0437\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u044b\n\n\n\nhttps://kripta.biz/posts/522382FA-BC6A-41CA-8DC8-BCC8548E1149", "creation_timestamp": "2026-07-03T20:52:51.482340Z"}, {"uuid": "67ee858c-b7f6-477e-9368-7a8051d354d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9725", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mprkh6fals2r", "content": "CVE-2026-9725\nThe Printcart plugin for WooCommerce on WordPress allows unauthenticated users to delete any file on the website's server. This could potentially allow attackers to execute malicious code. Website owners should\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#CVE #infosec", "creation_timestamp": "2026-07-03T22:04:04.039311Z"}, {"uuid": "1924f64f-b6a8-4e45-91fb-b7680c7a2826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9725", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mprqwtn2bm2r", "content": "CVE-2026-9725. CVSS 9.1. Printcart Web to Print Designer up to 2.5.2 lets anyone delete arbitrary files. wp-config.php. Database backups. Private uploads. Gone.\n\nNo patch available. Disable the plugin now.\n\nScan your WordPress site: pulse-wp.com\n#WordPress #RCE #CyberSecurity", "creation_timestamp": "2026-07-04T00:00:12.452252Z"}]}