CVE-2026-9725 (CVSS 9.1) — The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 2.5.2. This is due to insufficient path valid
CVE. Sourced from NVD, summarised by Matproof.
AI Analysis
What changed and what to do.
A critical vulnerability, CVE-2026-9725, has been published with a CVSS score of 9.1, affecting the Printcart Web to Print Product Designer for WooCommerce plugin for WordPress, versions up to and including 2.5.2. The flaw allows arbitrary file deletion due to insufficient path validation, meaning an attacker could remove critical system files, potentially leading to site compromise or denial of service. This was published on July 3, 2026, by the National Vulnerability Database.
Organizations most affected are those in the e-commerce, retail, and print-on-demand sectors that use WordPress with WooCommerce and this specific plugin. Any business relying on this plugin for product customization—such as print shops, merchandise sellers, or marketing agencies—faces direct risk. Given the high severity, compliance teams should prioritize this as a material security incident under frameworks like GDPR or PCI DSS if customer data or payment systems are impacted.
Compliance teams should immediately verify if their organization uses the affected plugin and, if so, apply the vendor’s patch or upgrade to a version beyond 2.5.2. Conduct a risk assessment to determine if any data was exposed or systems were compromised, and document remediation steps for regulatory reporting. Finally, update your vulnerability management and incident response procedures to include this CVE, and ensure all affected systems are isolated until patched.
This summary is AI-generated for orientation purposes. For regulatory action, always consult the original source linked above.
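One way to carry out the "verify if your organization uses the affected plugin" step, as an added example that is not part of the original summary or the vendor's code: it scans a WordPress plugins directory and flags copies at or below 2.5.2. Matching on the word "printcart" in the plugin header is an assumption, and the sample files are constructed.

```python
import re
import tempfile
from pathlib import Path

AFFECTED_MAX = (2, 5, 2)   # from the advisory: versions up to and including 2.5.2
NAME_HINT = "printcart"    # assumption: the "Plugin Name" header contains this word
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(\S.*?)[ \t\r]*$", re.I | re.M)

def parse_version(text):
    """'2.5' -> (2, 5, 0); returns None when there is no leading dotted number."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        return None
    parts = [int(p) for p in m.group().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def read_headers(php_file):
    """Read plugin headers from the first 8 KiB, the region WordPress itself scans."""
    head = php_file.read_bytes()[:8192].decode("utf-8", "replace")
    found = {}
    for key, value in HEADER.findall(head):
        found.setdefault(key.lower(), value)   # first occurrence wins
    return found

def audit(plugins_dir):
    """Return (folder, version, status); UNKNOWN means no readable version, review by hand."""
    results = []
    for php in sorted(Path(plugins_dir).glob("*/*.php")):
        headers = read_headers(php)
        if NAME_HINT not in headers.get("plugin name", "").lower():
            continue
        raw = headers.get("version", "")
        ver = parse_version(raw)
        status = "UNKNOWN" if ver is None else "AFFECTED" if ver <= AFFECTED_MAX else "OK"
        results.append((php.parent.name, raw, status))
    return results

def demo():
    """Audit a constructed plugins directory (sample files, not real plugin code)."""
    samples = [("a-old", "Printcart sample", "2.5.2"), ("b-new", "Printcart sample", "2.5.3"),
               ("c-nover", "Printcart sample", ""), ("d-other", "Unrelated sample", "1.0")]
    with tempfile.TemporaryDirectory() as root:
        for folder, name, ver in samples:
            Path(root, folder).mkdir()
            Path(root, folder, "main.php").write_text(
                f"<?php\n/**\n * Plugin Name: {name}\n * Version: {ver}\n */\n")
        return audit(root)

if __name__ == "__main__":
    for row in demo():
        print(*row, sep="\t")
```

For a real site, call `audit()` with the path to `wp-content/plugins`. A status of `OK` only means the version is above the affected range stated in the advisory.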