{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-22354", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-01-07T12:21:24.563Z", "datePublished": "2026-02-20T15:47:01.099Z", "dateUpdated": "2026-04-28T16:48:20.045Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "banner-management-for-woocommerce", "product": "Woocommerce Category Banner Management", "vendor": "Dotstore", "versions": [{"lessThanOrEqual": "2.5.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:03:54.798Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Deserialization of Untrusted Data vulnerability in Dotstore Woocommerce Category Banner Management banner-management-for-woocommerce allows Object Injection.<p>This issue affects Woocommerce Category Banner Management: from n/a through <= 2.5.1.</p>"}], "value": "Deserialization of Untrusted Data vulnerability in Dotstore Woocommerce Category Banner Management banner-management-for-woocommerce allows Object Injection.This issue affects Woocommerce Category Banner Management: from n/a through <= 2.5.1."}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "Object Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "description": "Deserialization of Untrusted Data", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:41.257Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/banner-management-for-woocommerce/vulnerability/wordpress-woocommerce-category-banner-management-plugin-2-5-1-php-object-injection-vulnerability?_s_id=cve"}], "title": "WordPress Woocommerce Category Banner Management plugin <= 2.5.1 - PHP Object Injection vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-24T18:38:38.123466Z", "id": "CVE-2026-22354", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T16:48:20.045Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-22354", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-24T18:38:38.123466Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-24T18:38:54.257Z"}}], "cna": {"title": "WordPress Woocommerce Category Banner Management plugin <= 2.5.1 - PHP Object Injection vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "Object Injection"}]}], "affected": [{"vendor": "Dotstore", "product": "Woocommerce Category Banner Management", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "2.5.1"}], "packageName": "banner-management-for-woocommerce", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-01T16:03:54.798Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/banner-management-for-woocommerce/vulnerability/wordpress-woocommerce-category-banner-management-plugin-2-5-1-php-object-injection-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Dotstore Woocommerce Category Banner Management banner-management-for-woocommerce allows Object Injection.This issue affects Woocommerce Category Banner Management: from n/a through <= 2.5.1.", "supportingMedia": [{"type": "text/html", "value": "Deserialization of Untrusted Data vulnerability in Dotstore Woocommerce Category Banner Management banner-management-for-woocommerce allows Object Injection.<p>This issue affects Woocommerce Category Banner Management: from n/a through <= 2.5.1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "Deserialization of Untrusted Data"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-01T14:13:36.106Z"}}}, "cveMetadata": {"cveId": "CVE-2026-22354", "state": "PUBLISHED", "dateUpdated": "2026-04-01T14:13:36.106Z", "dateReserved": "2026-01-07T12:21:24.563Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-02-20T15:47:01.099Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Deserialization of Untrusted Data vulnerability in Dotstore Woocommerce Category Banner Management banner-management-for-woocommerce allows Object Injection.This issue affects Woocommerce Category Banner Management: from n/a through <= 2.5.1."}, {"lang": "es", "value": "Vulnerabilidad de deserializaci\u00f3n de datos no confiables en Dotstore Woocommerce Category Banner Management banner-management-for-woocommerce permite la inyecci\u00f3n de objetos. Este problema afecta a Woocommerce Category Banner Management: desde n/a hasta &lt;= 2.5.1."}], "id": "CVE-2026-22354", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-20T16:22:34.550", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/banner-management-for-woocommerce/vulnerability/wordpress-woocommerce-category-banner-management-plugin-2-5-1-php-object-injection-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.5.1]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Woocommerce Category Banner Management", "source": "cna", "vendor": "Dotstore"}, "product": "woocommerce_category_banner_management", "vendor": "dotstore"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-16T16:44:27.966837+00:00", "value": {"mitigation_remediation": ["Upgrade the Woocommerce Category Banner Management plugin to the latest version when it becomes available, ensuring the deserialization issue is fixed.", "Temporarily disable or remove the plugin until a vendor patch is released to prevent exploitation.", "Deploy application\u2011level input filtering or a web application firewall rule that blocks unexpected serialized data to mitigate the risk of object injection until a proper fix is applied."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Dotstore Woocommerce Category Banner Management plugin for WordPress, from the earliest release up to and including version 2.5.1. Any WordPress site that installs this plugin and does not remove or upgrade it after the mentioned date is at risk.", "description_and_impact": "WordPress plugin Woocommerce Category Banner Management is vulnerable to PHP object injection due to improper deserialization of untrusted data. Attackers can send specially crafted serialized objects that cause the plugin to instantiate arbitrary PHP classes and set properties, potentially leading to code execution or other malicious actions. This flaw is classified as CWE\u2011502, representing the ability to exploit deserialization with untrusted input.", "risk_and_exploitability": "The CVSS score of 8.8 indicates high severity. The EPSS score of less than 1% suggests that exploitation opportunities are currently rare, and the vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Based on the description, it is inferred that the attack vector is remote, where an attacker sends a malicious payload via HTTP requests that trigger the deserialization logic within the plugin. If exploited, the attacker could gain remote code execution on the affected WordPress site, compromising confidentiality, integrity, and availability."}}}}, "created": "2026-02-23T14:36:41.019550+00:00", "updated": "2026-04-16T16:45:25.960621+00:00", "vendors": ["dotstore", "dotstore$PRODUCT$woocommerce_category_banner_management", "wordpress", "wordpress$PRODUCT$wordpress"]}