CVE-2026-39552 | Code Supply Blueprint Plugin up to 1.1.4 on WordPress filename control

A vulnerability described as problematic has been identified in Code Supply Blueprint Plugin up to 1.1.4 on WordPress. This issue affects some unknown processing. The manipulation results in improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is reported as CVE-2026-39552. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More