{"vulnerability": "cve-2026-52704", "sightings": [{"uuid": "6aff7016-b42c-4b7c-aea2-579a66c25f71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-52704", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3modkepmag52l", "content": "WooCommerce PDF Invoice Builder plugin (\u22642.0.8) hit by CRITICAL RCE flaw (CVE-2026-52704) \u2014 no patch yet. Disable or remove plugin ASAP to avoid total compromise. Details: https://radar.offseq.com/threat/cve-2026-52704-cwe-94-improper-control-of-generati-76aad4c5 #OffSeq #WordPress #Security", "creation_timestamp": "2026-06-15T15:00:13.845365Z"}, {"uuid": "ca5ab256-93fa-4329-909f-b6bd0c3f5d6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-52704", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116754717813611535", "content": "\ud83d\udea8 CRITICAL: CVE-2026-52704 in WooCommerce PDF Invoice Builder \u22642.0.8 enables remote code execution via code injection (CWE-94). No patch yet \u2014 disable/remove plugin to prevent full system compromise. More info: https://radar.offseq.com/threat/cve-2026-52704-cwe-94-improper-control-of-generati-76aad4c5 #OffSeq #WordPress #Vuln", "creation_timestamp": "2026-06-15T15:00:19.650179Z"}, {"uuid": "61f278ff-3a57-4cdc-9bf6-6a8d2d09c35f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52704", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3modnisap7l2x", "content": "CVE-2026-52704 - WordPress WooCommerce PDF Invoice Builder plugin\nCVE ID : CVE-2026-52704\n \n Published : June 15, 2026, 2:16 p.m. | 1\u00a0hour, 25\u00a0minutes ago\n \n Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF In...", "creation_timestamp": "2026-06-15T15:56:20.011956Z"}, {"uuid": "03fa136e-aa74-46ff-a0bb-a3f59f21d3bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-52704", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3modulj4fol22", "content": "\ud83d\udd34 CVE-2026-52704 - Critical (10)\n\nImproper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerc...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-52704/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-06-15T18:03:00.759613Z"}]}