{"id":9078,"date":"2026-07-03T07:43:22","date_gmt":"2026-07-03T07:43:22","guid":{"rendered":"https:\/\/locaterisk.com\/de\/?p=9078"},"modified":"2026-07-03T07:43:22","modified_gmt":"2026-07-03T07:43:22","slug":"cve-2026-9725-printcart-wordpress-plugin","status":"publish","type":"post","link":"https:\/\/locaterisk.com\/fr\/cve-2026-9725-printcart-wordpress-plugin\/","title":{"rendered":"Une vuln\u00e9rabilit\u00e9 critique (CVE-2026-9725) dans un plugin WordPress permet la suppression de fichiers"},"content":{"rendered":"<div class=\"wp-block-lr-blog-article-header-module\">\r\n    <div class=\"content\">\r\n\t\t<div class=\"headline\">\r\n\t\t\t<button class=\"to-blog-button\">Retour au blog                <a href=\"https:\/\/locaterisk.com\/fr\/blog\/\"><\/a>\r\n\t\t\t<\/button>\r\n\t\t\t\t\t<\/div>\r\n        <div class=\"main-content\">\r\n\t\t\t\t\t\t<!--\r\n            <div class=\"header\">\r\n                <h6> <\/h6>\r\n            <\/div>\r\n\t\t\t\t\t\t-->\r\n            <h1 class=\"title\">Une vuln\u00e9rabilit\u00e9 critique (CVE-2026-9725) dans un plugin WordPress permet la suppression de fichiers<\/h1>\r\n            <p class=\"paragraph\"><br><span class=\"lr-ai-disclosure\" style=\"display:block;margin:8px 0 28px;font-size:14px;line-height:1.4;color:#8b93a7;font-family:inherit;font-style:italic;\">Ce texte a \u00e9t\u00e9 g\u00e9n\u00e9r\u00e9 par l'intelligence artificielle (IA).<\/span>Le 3 juillet 2026, une faille de s\u00e9curit\u00e9 critique a \u00e9t\u00e9 signal\u00e9e dans le plugin WordPress \u201e Printcart Web to Print Product Designer for WooCommerce \u201c. La vuln\u00e9rabilit\u00e9, identifi\u00e9e sous le num\u00e9ro <strong>CVE-2026-9725<\/strong> est attribu\u00e9 un score CVSS de <strong>9,1 (critique)<\/strong> a \u00e9t\u00e9 identifi\u00e9e et permet \u00e0 des attaquants non authentifi\u00e9s de supprimer n'importe quel fichier sur le serveur. Cela peut entra\u00eener une indisponibilit\u00e9 totale du site web et potentiellement conduire \u00e0 l'ex\u00e9cution de code \u00e0 distance. Une mise \u00e0 jour de s\u00e9curit\u00e9 est disponible.<\/p>\r\n        <\/div>\r\n    <\/div>\r\n<\/div>\r\n\r\n\r\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"400\" height=\"400\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured.png\" alt=\"Kritische Schwachstelle CVE-2026-9725 in WordPress-Plugin erm\u00f6glicht Datei-L\u00f6schung\" class=\"wp-image-9077\" srcset=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured.png 400w, https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured-300x300.png 300w, https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured-150x150.png 150w, https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured-12x12.png 12w\" sizes=\"auto, (max-width: 400px) 100vw, 400px\" \/><\/figure><\/div>\n\n\n<p><strong>Informations g\u00e9n\u00e9rales :<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Identifiant CVE :<\/strong> CVE-2026-9725 (CVSS 9.1)<\/li>\n\n\n\n<li><strong>Logiciels concern\u00e9s :<\/strong> Plugin \u201e printcart-integration \u201c jusqu'\u00e0 la version 2.5.2 incluse<\/li>\n\n\n\n<li><strong>Cons\u00e9quence :<\/strong> Suppression non authentifi\u00e9e de fichiers quelconques (Arbitrary File Deletion)<\/li>\n\n\n\n<li><strong>Solution :<\/strong> Mise \u00e0 jour vers la version 2.5.3 ou une version plus r\u00e9cente<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Analyse de la vuln\u00e9rabilit\u00e9 CVE-2026-9725<\/strong><\/h2>\n\n\n\n<p>Cette faille de s\u00e9curit\u00e9 concerne toutes les versions du plugin jusqu'\u00e0 la version incluse <strong>2.5.2<\/strong>. \u00c9tant donn\u00e9 que ce plugin est utilis\u00e9 dans des environnements de commerce \u00e9lectronique bas\u00e9s sur WordPress et WooCommerce, cette vuln\u00e9rabilit\u00e9 repr\u00e9sente un risque consid\u00e9rable pour les boutiques en ligne concern\u00e9es. Une attaque ne n\u00e9cessite ni authentification ni interaction de la part de l'utilisateur, ce qui rend l'acc\u00e8s tr\u00e8s facile pour les pirates.<\/p>\n\n\n\n<p>En supprimant de mani\u00e8re cibl\u00e9e des fichiers de configuration critiques, les pirates peuvent paralyser un site web (d\u00e9ni de service) ou contourner les m\u00e9canismes de s\u00e9curit\u00e9 afin de pr\u00e9parer d'autres attaques. Dans certaines circonstances, la suppression de fichiers peut \u00e9galement conduire \u00e0 l'ex\u00e9cution de code arbitraire sur le serveur (ex\u00e9cution de code \u00e0 distance), ce qui entra\u00eenerait la compromission totale du syst\u00e8me.<\/p>\n\n\n\n<p>\u00c0 l'heure actuelle, aucune exploitation active de la vuln\u00e9rabilit\u00e9 CVE-2026-9725 n'est connue. Compte tenu de la faible complexit\u00e9 de l'attaque et de l'absence d'exigence d'authentification, il est n\u00e9anmoins fortement recommand\u00e9 d'appliquer le correctif dans les plus brefs d\u00e9lais.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Contexte technique : parcours de chemin avec contournement du contr\u00f4le d'acc\u00e8s<\/strong><\/h2>\n\n\n\n<p>La cause de la vuln\u00e9rabilit\u00e9 CVE-2026-9725 r\u00e9side dans une validation insuffisante des chemins d'acc\u00e8s, connue sous le nom de \u00ab path traversal \u00bb (CWE-22). La faille se trouve dans la fonction <strong>store_design_data()<\/strong>, qui utilise le param\u00e8tre fourni par l'utilisateur <strong>nbd_item_key<\/strong> trait\u00e9e. La saisie n'est effectu\u00e9e qu'\u00e0 l'aide de la fonction <strong>sanitize_text_field()<\/strong> corrig\u00e9es, qui ne contiennent toutefois pas de s\u00e9quences de travers\u00e9e de chemin (<strong>..\/<\/strong>) a \u00e9t\u00e9 supprim\u00e9.<\/p>\n\n\n\n<p>Cela permet aux pirates de parcourir les niveaux de r\u00e9pertoires et de construire un chemin d'acc\u00e8s vers n'importe quel fichier pr\u00e9sent sur le serveur. Ce chemin manipul\u00e9 est ensuite transmis \u00e0 des fonctions de suppression ou de renommage.<\/p>\n\n\n\n<p>De plus, le m\u00e9canisme de protection (nonce) cens\u00e9 s\u00e9curiser ces actions est inefficace. Les attaquants peuvent obtenir une valeur de nonce valide via le point de terminaison accessible au public <strong>nbd_check_use_logged_in<\/strong> acc\u00e9der \u00e0. Cette combinaison entre le \u00ab path traversal \u00bb et un contr\u00f4le d'acc\u00e8s facile \u00e0 contourner rend cette vuln\u00e9rabilit\u00e9 particuli\u00e8rement dangereuse.<\/p>\n\n\n\n<p>Le plugin Printcart n'est pas un inconnu dans les milieux de la s\u00e9curit\u00e9 : plusieurs vuln\u00e9rabilit\u00e9s avaient d\u00e9j\u00e0 \u00e9t\u00e9 document\u00e9es par le pass\u00e9 dans ce m\u00eame plugin, notamment une vuln\u00e9rabilit\u00e9 li\u00e9e au t\u00e9l\u00e9chargement de fichiers sans authentification (CVE-2025-47641, versions concern\u00e9es \u2264 2.3.9) ainsi qu\u2019une autre faille de type \u00ab path traversal \u00bb (CVE-2025-10268, versions concern\u00e9es \u2264 2.4.8). Sources : <a href=\"https:\/\/wpscan.com\/plugin\/printcart-integration\/\" target=\"_blank\" rel=\"noreferrer noopener\">WPScan<\/a> et <a href=\"https:\/\/patchstack.com\/database\/wordpress\/plugin\/printcart-integration\/vulnerability\/wordpress-printcart-web-to-print-product-designer-for-woocommerce-2-3-9-sql-injection-vulnerability\" target=\"_blank\" rel=\"noreferrer noopener\">Patchstack<\/a>. Cette multiplication des vuln\u00e9rabilit\u00e9s souligne l'importance d'une surveillance continue des logiciels tiers utilis\u00e9s.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Mesures recommand\u00e9es<\/strong><\/h2>\n\n\n\n<p>Les entreprises qui utilisent le plugin concern\u00e9 devraient agir sans d\u00e9lai afin de prot\u00e9ger leurs syst\u00e8mes.<\/p>\n\n\n\n<ol class=\"wp-block-list has-text-color\" style=\"color:#ffffff\">\n<li><strong>Mise \u00e0 jour imm\u00e9diate :<\/strong> Mettez \u00e0 jour le plugin \u201e Printcart Web to Print Product Designer for WooCommerce \u201c vers la version <strong>2.5.3<\/strong> ou une version plus r\u00e9cente. Il s'agit de la mesure la plus importante pour corriger cette faille de s\u00e9curit\u00e9.<\/li>\n\n\n\n<li><strong>Inventaire :<\/strong> Identifiez toutes les instances WordPress de votre infrastructure qui utilisent ce plugin. V\u00e9rifiez les versions install\u00e9es et donnez la priorit\u00e9 aux syst\u00e8mes accessibles au public et aux syst\u00e8mes critiques pour l'activit\u00e9 lors de la mise \u00e0 jour.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Pertinence pour les entreprises de la r\u00e9gion DACH<\/strong><\/h2>\n\n\n\n<p>Les entreprises situ\u00e9es en Allemagne, en Autriche et en Suisse sont soumises \u00e0 des obligations r\u00e9glementaires suppl\u00e9mentaires en cas d'incidents de s\u00e9curit\u00e9. Si une vuln\u00e9rabilit\u00e9 est activement exploit\u00e9e et qu\u2019il en r\u00e9sulte un incident de protection des donn\u00e9es concernant des donn\u00e9es \u00e0 caract\u00e8re personnel de citoyens de l\u2019UE, l\u2019obligation de notification pr\u00e9vue \u00e0 l\u2019article 33 du RGPD s\u2019applique \u2014 avec un d\u00e9lai de 72 heures aupr\u00e8s de l\u2019autorit\u00e9 de contr\u00f4le comp\u00e9tente. Les op\u00e9rateurs d\u2019infrastructures critiques et les entit\u00e9s importantes au sens de la directive NIS 2 (transpos\u00e9e en Allemagne par la loi NIS2UmsuCG) sont en outre tenus de g\u00e9rer syst\u00e9matiquement les vuln\u00e9rabilit\u00e9s et les risques li\u00e9s aux logiciels tiers. L\u2019installation en temps opportun des mises \u00e0 jour de s\u00e9curit\u00e9, telles que le correctif pr\u00e9sent pour la version 2.5.3, constitue l\u2019une des mesures de base essentielles \u00e0 cet \u00e9gard.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>La visibilit\u00e9, fondement d'une gestion efficace des vuln\u00e9rabilit\u00e9s<\/strong><\/h2>\n\n\n\n<p>Des incidents tels que le CVE-2026-9725 montrent que le plus grand d\u00e9fi ne r\u00e9side souvent pas dans l'application d'un correctif, mais dans la capacit\u00e9 \u00e0 identifier \u00e0 temps si l'on est concern\u00e9. De nombreuses entreprises ne disposent pas d\u2019une vue d\u2019ensemble compl\u00e8te de toutes les applications web utilis\u00e9es et de leurs composants, en particulier lorsque les services op\u00e9rationnels g\u00e8rent leurs propres syst\u00e8mes (informatique fant\u00f4me).<\/p>\n\n\n\n<p>Une solution de gestion de la surface d'attaque externe (EASM), telle que LocateRisk, offre ici la transparence n\u00e9cessaire. Gr\u00e2ce \u00e0 une analyse continue de la surface d'attaque externe, tous les syst\u00e8mes accessibles au public et leurs composants technologiques, tels que le plugin \u201e printcart-integration \u201c, sont identifi\u00e9s. Les \u00e9quipes de s\u00e9curit\u00e9 disposent ainsi d\u2019un inventaire complet et \u00e0 jour qui leur permet de r\u00e9agir imm\u00e9diatement d\u00e8s qu\u2019une vuln\u00e9rabilit\u00e9 est d\u00e9tect\u00e9e et de localiser les syst\u00e8mes concern\u00e9s.<\/p>\n\n\n\n<p>De plus, cet incident met en \u00e9vidence le risque li\u00e9 aux logiciels tiers (Third-Party Risk). La s\u00e9curit\u00e9 de votre infrastructure num\u00e9rique d\u00e9pend \u00e9galement de la s\u00e9curit\u00e9 des plugins et des composants tiers que vous utilisez \u2014 comme le d\u00e9montrent de mani\u00e8re exemplaire les vuln\u00e9rabilit\u00e9s r\u00e9currentes du plugin Printcart. Une gestion continue des risques li\u00e9s aux fournisseurs (C-VRM) permet d\u2019\u00e9valuer et de ma\u00eetriser syst\u00e9matiquement ces risques. Il s\u2019agit \u00e9galement d\u2019une exigence centrale de la directive NIS 2 ainsi que de normes telles que l\u2019ISO 27001, qui imposent une gestion proactive des vuln\u00e9rabilit\u00e9s et des risques li\u00e9s aux fournisseurs.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Sources et informations compl\u00e9mentaires<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Wordfence Intelligence (CNA) :<\/strong> <a href=\"https:\/\/www.wordfence.com\/threat-intel\/vulnerabilities\/id\/5bb962bd-9b23-4820-885e-d8095250c3c7?source=cve\" target=\"_blank\" rel=\"noreferrer noopener\">Avis de vuln\u00e9rabilit\u00e9 CVE-2026-9725<\/a><\/li>\n\n\n\n<li><strong>R\u00e9pertoire des extensions de WordPress.org :<\/strong> <a href=\"https:\/\/wordpress.org\/plugins\/printcart-integration\/\" target=\"_blank\" rel=\"noreferrer noopener\">Int\u00e9gration de Printcart<\/a><\/li>\n\n\n\n<li><strong>Plugin WordPress SVN :<\/strong> <a href=\"https:\/\/plugins.trac.wordpress.org\/changeset?old_path=%2Fprintcart-integration\/tags\/2.5.2&#038;new_path=%2Fprintcart-integration\/tags\/2.5.3\" target=\"_blank\" rel=\"noreferrer noopener\">Liste des modifications pour la version 2.5.3<\/a><\/li>\n\n\n\n<li><strong>WPScan :<\/strong> <a href=\"https:\/\/wpscan.com\/plugin\/printcart-integration\/\" target=\"_blank\" rel=\"noreferrer noopener\">Historique des vuln\u00e9rabilit\u00e9s du plugin Printcart<\/a><\/li>\n\n\n\n<li><strong>Patchstack :<\/strong> <a href=\"https:\/\/patchstack.com\/database\/wordpress\/plugin\/printcart-integration\/vulnerability\/wordpress-printcart-web-to-print-product-designer-for-woocommerce-2-3-9-sql-injection-vulnerability\" target=\"_blank\" rel=\"noreferrer noopener\">Vuln\u00e9rabilit\u00e9s li\u00e9es \u00e0 l'injection SQL et au t\u00e9l\u00e9chargement de fichiers dans Printcart<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Avez-vous une vue d'ensemble de tous vos plugins WordPress ?<\/strong><\/h3>\n\n\n\n<p>Une vuln\u00e9rabilit\u00e9 inconnue dans un syst\u00e8me tomb\u00e9 dans l'oubli peut suffire \u00e0 mettre en danger l'ensemble de votre organisation. LocateRisk assure une surveillance continue de votre surface d'attaque externe afin d'identifier ces risques avant qu'ils ne soient exploit\u00e9s.<\/p>\n\n\n\n<p><a href=\"https:\/\/locaterisk.com\/fr\/demo\/\" target=\"_blank\" rel=\"noreferrer noopener\">Demandez votre analyse de s\u00e9curit\u00e9 gratuite<\/a><\/p>\n\n\n\n<div class=\"wp-block-lr-faq-module\"><div class=\"content\"><h3><strong>Questions fr\u00e9quentes<\/strong><\/h3><div class=\"faq-topic\"><hr\/><div class=\"collapsible-title\"><a class=\"pr-4\"><strong>Qu'est-ce que le CVE-2026-9725 ?<\/strong><\/a><img class=\"collapse-toggle\" srcset=\"https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@3x.png 3x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@2x.png 2x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus.png 1x\"\/><\/div><div class=\"collapsible-content\"><p class=\"font-normal\">CVE-2026-9725 est une faille de s\u00e9curit\u00e9 critique (CVSS 9.1) dans le plugin WordPress \u201e Printcart Web to Print Product Designer for WooCommerce \u201c. Elle permet \u00e0 des attaquants non authentifi\u00e9s d'exploiter une vuln\u00e9rabilit\u00e9 de type \u00ab path traversal \u00bb (CWE-22) dans la fonction <strong>store_design_data()<\/strong> de supprimer n'importe quel fichier sur le serveur concern\u00e9, ce qui peut, dans certaines circonstances, entra\u00eener une compromission totale du syst\u00e8me.<\/p><\/div><\/div><div class=\"faq-topic\"><hr\/><div class=\"collapsible-title\"><a class=\"pr-4\"><strong>Quelles sont les versions des plugins concern\u00e9es, et comment puis-je me prot\u00e9ger ?<\/strong><\/a><img class=\"collapse-toggle\" srcset=\"https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@3x.png 3x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@2x.png 2x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus.png 1x\"\/><\/div><div class=\"collapsible-content\"><p class=\"font-normal\">Toutes les versions du plugin \u201e printcart-integration \u201c jusqu'\u00e0 la version 2.5.2 incluse sont concern\u00e9es. L'\u00e9diteur a publi\u00e9 un correctif avec la version 2.5.3. Les exploitants concern\u00e9s doivent imm\u00e9diatement mettre \u00e0 jour le plugin vers la version 2.5.3 ou une version plus r\u00e9cente, et v\u00e9rifier la version du plugin utilis\u00e9e sur toutes les instances WordPress de leur infrastructure.<\/p><\/div><\/div><div class=\"faq-topic\"><hr\/><div class=\"collapsible-title\"><a class=\"pr-4\"><strong>La vuln\u00e9rabilit\u00e9 CVE-2026-9725 fait-elle d\u00e9j\u00e0 l'objet d'attaques actives ?<\/strong><\/a><img class=\"collapse-toggle\" srcset=\"https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@3x.png 3x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus@2x.png 2x,https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/faq-module\/img\/ic-plus.png 1x\"\/><\/div><div class=\"collapsible-content\"><p class=\"font-normal\">\u00c0 la date de publication, le 3 juillet 2026, aucune exploitation active de la vuln\u00e9rabilit\u00e9 CVE-2026-9725 n'est connue. Compte tenu de la faible complexit\u00e9 de l'attaque \u2014 aucun attaquant n'a besoin d'une authentification ni d'une interaction de l'utilisateur \u2014, il est n\u00e9anmoins fortement recommand\u00e9 d'installer la mise \u00e0 jour dans les plus brefs d\u00e9lais.<\/p><\/div><\/div><\/div><\/div>\n\n\n\n<div class=\"wp-block-lr-contact-post-module\">\n\t<div id=\"lr-contact-form\" class=\"wp-block-lr-contact-post-module\">\n\t\t<div id=\"formular\" class=\"content\">\n\t\t\t<div class=\"inner-content\">\n\t\t\t\t<div class=\"column-2 feature-mode\">\n\t\t\t\t\t<h2><br>Demandez maintenant une D\u00e9mo en direct personelle<\/h2>\n\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div>\n\t\t\t\t\t\t\t\t<p class=\"margin-b-36\">Identifiez et r\u00e9duisez vos cyber-risques gr\u00e2ce \u00e0 un aper\u00e7u comparable et compr\u00e9hensible de votre s\u00e9curit\u00e9 informatique. Demandez conseil \u00e0 nos experts et d\u00e9couvrez comment LocateRisk peut vous aider \u00e0 r\u00e9soudre vos cyber-risques.<\/p>\n\t\t\t\t\t\t\t<\/div>\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<\/div> \n\t\t\t\t<div class=\"column-2\">\n\t\t\t\t\t<form action=\"\" class=\"form\" method=\"post\" role=\"form\" novalidate data-trp-original-action=\"\">\n\t\t\t\t\t\t<input type=\"text\" id=\"successmessage\" name=\"successmessage\" value=\"Ihre Registrierung war erfolgreich Ihre Anfrage wurde erfolgreich versendet. Wir haben Ihnen soeben eine Best\u00e4tigungsmail mit einem Aktivierungs-Link zugesendet, um einem Missbrauch Ihrer E-Mail Adresse durch Dritte vorzubeugen. Die Mail wird von sales@locaterisk.com versendet und sollte sich i n wenigen Minuten in Ihrem Posteingang finden.\" hidden>\n\t\t\t\t\t\t<input type=\"text\" id=\"errormessage\" name=\"errormessage\" value=\"Da ist wohl etwas schief gelaufen. Bitte probieren Sie es erneut oder nehmen Sie direkt mit uns Kontakt auf\" hidden>\n\t\t\t\t\t\t<input type=\"text\" id=\"slug\" name=\"slug\" value=\"cve-2026-9725-printcart-wordpress-plugin\" hidden>\n\n\t\t\t\t\t\t\t\t\t\t\t\t\t<input\n\t\t\t\t\t\t\t\ttype=\"text\"\n\t\t\t\t\t\t\t\tid=\"name\"\n\t\t\t\t\t\t\t\tname=\"name\"\n\t\t\t\t\t\t\t\tplaceholder=\"Pr\u00e9nom\"\n\t\t\t\t\t\t\t\trequired\tmaxlength=\"50\"\/>\n\n\t\t\t\t\t\t\t<input\n\t\t\t\t\t\t\t\ttype=\"text\"\n\t\t\t\t\t\t\t\tid=\"surname\"\n\t\t\t\t\t\t\t\tname=\"surname\"\n\t\t\t\t\t\t\t\tplaceholder=\"Nom\"\n\t\t\t\t\t\t\t\trequired\n\t\t\t\t\t\t\t\tmaxlength=\"50\"\/>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<input\n\t\t\t\t\t\t\ttype=\"email\"\n\t\t\t\t\t\t\tid=\"email\"\n\t\t\t\t\t\t\tname=\"email\"\n\t\t\t\t\t\t\tplaceholder=\"Courrier \u00e9lectronique\"\n\t\t\t\t\t\t\trequired\n\t\t\t\t\t\t\tmaxlength=\"50\"\/>\n\n\t\t\t\t\t\t<input\n\t\t\t\t\t\t\ttype=\"text\"\n\t\t\t\t\t\t\tid=\"phone\"\n\t\t\t\t\t\t\tname=\"phone\"\n\t\t\t\t\t\t\tplaceholder=\"T\u00e9l\u00e9phone\"\n\t\t\t\t\t\t\trequired\n\t\t\t\t\t\t\tmaxlength=\"50\"\/>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t<h6 class=\"error-message\" hidden>...<\/h6>\n\t\t\t\t\t\t<div class=\"checkbox_container\">\n\t\t\t\t\t\t\t<div class=\"checkbox\">\n\t\t\t\t\t\t\t\t<input\n\t\t\t\t\t\t\t\t\ttype=\"checkbox\"\n\t\t\t\t\t\t\t\t\tid=\"checkbox\"\n\t\t\t\t\t\t\t\t\tname=\"checkbox\" \/>\n\n\t\t\t\t\t\t\t\t<label for=\"checkbox\"><\/label>\n\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t<p class=\"translation-block\">Je suis d'accord avec la politique de confidentialit\u00e9<\/p> \n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\n\t\t\t\t\t<div class=\"g-recaptcha\" data-sitekey=\"6LdErNoZAAAAAD1Re2jNxtDFfcDaL9iED5MRBzjR\" data-callback=\"verifyRecaptchaCallback\" data-expired-callback=\"expiredRecaptchaCallback\"><\/div>\n\t\t\t\t\t<input type=\"hidden\" name=\"g-recaptcha-response\" data-recaptcha \/>\n\n\t\t\t\t\t\t<button class=\"lr-button-link\" type=\"submit\"> Demander une d\u00e9mo<\/button>\n\t\t\t\t\t<input type=\"hidden\" name=\"trp-form-language\" value=\"fr\"\/><\/form>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/div>\n\t<\/div>\n\t\n\t<\/div>\n\n\n\n<hr class=\"wp-block-separator has-css-opacity is-style-wide\"\/>\n\n\n\n<div class=\"wp-block-lr-contact-module\"><div class=\"content\"><h2>En savoir plus, r\u00e9server une d\u00e9mo ou simplement \u00e9changer quelques mots ? Nous nous en r\u00e9jouissons !<\/h2><div class=\"contact-info-row\"><div class=\"contact-person-info\"><div class=\"avatar\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2025\/06\/Lukas_Baumann_LocateRisk-300.png\"><\/div><p><span class=\"text before\">Votre Contact<\/span><span class=\"bold name\"><strong>Lukas<\/strong><\/span> <span class=\"lastname\"><strong>Baumann<strong><\/strong><\/strong><\/span><strong><strong><span class=\"separator\"><\/span><span class=\"role\">PDG<\/span><\/strong><\/strong><\/p><\/div><p class=\"bold phone\"><strong><strong>+49 6151 6290246<\/strong><\/strong><\/p><strong><strong><a class=\"pr-1\" href=\"mailto: sales@locaterisk.com\">Contactez-nous maintenant<\/a><\/strong><\/strong><\/div><\/div><\/div>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<div class=\"wp-block-lr-footer-module lr-footer-block\"><div class=\"content\"><div class=\"column0\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/plugins\/locate-risk-prod\/lr-blocks\/assets\/img\/lr-logo.svg\"\/><\/div><div class=\"categories\"><div class=\"categories-element\"><a class=\"pr-4\" href=\"https:\/\/locaterisk.com\/fr\/\">Accueil<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/blog\/\">Blog<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/about\/\">par rapport \u00e0 nous<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/kontakt\/\">Contact<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/impressum\/\">mentiones l\u00e9gales<\/a><\/div><div class=\"categories-break\"><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/datenschutz\/\">Confidentialit\u00e9<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/files\/agb.pdf\">CONDITIONS G\u00c9N\u00c9RALES DE VENTE<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"\/fr\/jobs\/\">Carri\u00e8re<\/a><\/div><div class=\"categories-element\"><a class=\"pr-4\" href=\"https:\/\/app.secfix.com\/trust\/locaterisk\/d1e7d433b33643aea1880bfbfeab9f60\">Centre de confiance<\/a><\/div><\/div><div class=\"social\"><div class=\"social-element\"><a target=\"_blank\" href=\"https:\/\/www.linkedin.com\/company\/locaterisk\/\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/10\/gruppe-230@3x.png\"\/><\/a><\/div><div class=\"social-element\"><a target=\"_blank\" href=\"https:\/\/www.instagram.com\/locaterisk\/\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/Instagram.png\"\/><\/a><\/div><div class=\"social-element\"><a target=\"_blank\" href=\"https:\/\/twitter.com\/locaterisk\"><img decoding=\"async\" src=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/twitter.png\"\/><\/a><\/div><\/div><div class=\"description\"><h6>\u00a9 LocateRisk 2026<\/h6><\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>Une vuln\u00e9rabilit\u00e9 critique (CVE-2026-9725, CVSS 9.1) dans le plugin Printcart pour WordPress permet \u00e0 des attaquants non authentifi\u00e9s de supprimer n'importe quel fichier.<\/p>","protected":false},"author":13,"featured_media":9077,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[632],"tags":[694,690,692,691,693,16,560,357,327],"class_list":["post-9078","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-news","tag-arbitrary-file-deletion","tag-cve-2026-9725","tag-path-traversal","tag-printcart","tag-printcart-integration","tag-sicherheitsluecke","tag-third-party-risk","tag-woocommerce","tag-wordpress"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CVE-2026-9725: Kritische L\u00fccke in WordPress-Plugin | LocateRisk<\/title>\n<meta name=\"description\" content=\"Eine kritische Schwachstelle (CVE-2026-9725, CVSS 9.1) im Printcart-Plugin f\u00fcr WordPress erm\u00f6glicht unauthentifizierten Angreifern das L\u00f6schen beliebiger Dateien.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/locaterisk.com\/fr\/cve-2026-9725-printcart-wordpress-plugin\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2026-9725: Kritische L\u00fccke in WordPress-Plugin | LocateRisk\" \/>\n<meta property=\"og:description\" content=\"Eine kritische Schwachstelle (CVE-2026-9725, CVSS 9.1) im Printcart-Plugin f\u00fcr WordPress erm\u00f6glicht unauthentifizierten Angreifern das L\u00f6schen beliebiger Dateien.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/locaterisk.com\/fr\/cve-2026-9725-printcart-wordpress-plugin\/\" \/>\n<meta property=\"og:site_name\" content=\"LocateRisk\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-03T07:43:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured.png\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Kristina Hoinkis\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kristina Hoinkis\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/\"},\"author\":{\"name\":\"Kristina Hoinkis\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/person\\\/68f3857c15afa8ff59c545848dddcc32\"},\"headline\":\"Kritische Schwachstelle CVE-2026-9725 in WordPress-Plugin erm\u00f6glicht Datei-L\u00f6schung\",\"datePublished\":\"2026-07-03T07:43:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/\"},\"wordCount\":1164,\"publisher\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/cve-2026-9725-featured.png\",\"keywords\":[\"Arbitrary File Deletion\",\"CVE-2026-9725\",\"Path Traversal\",\"Printcart\",\"printcart-integration\",\"Sicherheitsl\u00fccke\",\"Third-Party Risk\",\"WooCommerce\",\"WordPress\"],\"articleSection\":[\"Cybersecurity News\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/\",\"name\":\"CVE-2026-9725: Kritische L\u00fccke in WordPress-Plugin | LocateRisk\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/cve-2026-9725-featured.png\",\"datePublished\":\"2026-07-03T07:43:22+00:00\",\"description\":\"Eine kritische Schwachstelle (CVE-2026-9725, CVSS 9.1) im Printcart-Plugin f\u00fcr WordPress erm\u00f6glicht unauthentifizierten Angreifern das L\u00f6schen beliebiger Dateien.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/#primaryimage\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/cve-2026-9725-featured.png\",\"contentUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/cve-2026-9725-featured.png\",\"width\":400,\"height\":400,\"caption\":\"Kritische Schwachstelle CVE-2026-9725 in WordPress-Plugin erm\u00f6glicht Datei-L\u00f6schung\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/cve-2026-9725-printcart-wordpress-plugin\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/locaterisk.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kritische Schwachstelle CVE-2026-9725 in WordPress-Plugin erm\u00f6glicht Datei-L\u00f6schung\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#website\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/\",\"name\":\"LocateRisk\",\"description\":\"IT-Sicherheit messen und vergleichen\",\"publisher\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#organization\",\"name\":\"LocateRisk\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Kettenglieder_V0216-9.jpg\",\"contentUrl\":\"https:\\\/\\\/locaterisk.com\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/Kettenglieder_V0216-9.jpg\",\"width\":1920,\"height\":1080,\"caption\":\"LocateRisk\"},\"image\":{\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/locaterisk\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/locaterisk.com\\\/de\\\/#\\\/schema\\\/person\\\/68f3857c15afa8ff59c545848dddcc32\",\"name\":\"Kristina Hoinkis\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g\",\"caption\":\"Kristina Hoinkis\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2026-9725 : faille critique dans un plugin WordPress | LocateRisk","description":"Une vuln\u00e9rabilit\u00e9 critique (CVE-2026-9725, CVSS 9.1) dans le plugin Printcart pour WordPress permet \u00e0 des attaquants non authentifi\u00e9s de supprimer n'importe quel fichier.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/locaterisk.com\/fr\/cve-2026-9725-printcart-wordpress-plugin\/","og_locale":"fr_FR","og_type":"article","og_title":"CVE-2026-9725: Kritische L\u00fccke in WordPress-Plugin | LocateRisk","og_description":"Eine kritische Schwachstelle (CVE-2026-9725, CVSS 9.1) im Printcart-Plugin f\u00fcr WordPress erm\u00f6glicht unauthentifizierten Angreifern das L\u00f6schen beliebiger Dateien.","og_url":"https:\/\/locaterisk.com\/fr\/cve-2026-9725-printcart-wordpress-plugin\/","og_site_name":"LocateRisk","article_published_time":"2026-07-03T07:43:22+00:00","og_image":[{"width":400,"height":400,"url":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured.png","type":"image\/png"}],"author":"Kristina Hoinkis","twitter_card":"summary_large_image","twitter_misc":{"\u00c9crit par":"Kristina Hoinkis","Dur\u00e9e de lecture estim\u00e9e":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/#article","isPartOf":{"@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/"},"author":{"name":"Kristina Hoinkis","@id":"https:\/\/locaterisk.com\/de\/#\/schema\/person\/68f3857c15afa8ff59c545848dddcc32"},"headline":"Kritische Schwachstelle CVE-2026-9725 in WordPress-Plugin erm\u00f6glicht Datei-L\u00f6schung","datePublished":"2026-07-03T07:43:22+00:00","mainEntityOfPage":{"@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/"},"wordCount":1164,"publisher":{"@id":"https:\/\/locaterisk.com\/de\/#organization"},"image":{"@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/#primaryimage"},"thumbnailUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured.png","keywords":["Arbitrary File Deletion","CVE-2026-9725","Path Traversal","Printcart","printcart-integration","Sicherheitsl\u00fccke","Third-Party Risk","WooCommerce","WordPress"],"articleSection":["Cybersecurity News"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/","url":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/","name":"CVE-2026-9725 : faille critique dans un plugin WordPress | LocateRisk","isPartOf":{"@id":"https:\/\/locaterisk.com\/de\/#website"},"primaryImageOfPage":{"@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/#primaryimage"},"image":{"@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/#primaryimage"},"thumbnailUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured.png","datePublished":"2026-07-03T07:43:22+00:00","description":"Une vuln\u00e9rabilit\u00e9 critique (CVE-2026-9725, CVSS 9.1) dans le plugin Printcart pour WordPress permet \u00e0 des attaquants non authentifi\u00e9s de supprimer n'importe quel fichier.","breadcrumb":{"@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/#primaryimage","url":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured.png","contentUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2026\/07\/cve-2026-9725-featured.png","width":400,"height":400,"caption":"Kritische Schwachstelle CVE-2026-9725 in WordPress-Plugin erm\u00f6glicht Datei-L\u00f6schung"},{"@type":"BreadcrumbList","@id":"https:\/\/locaterisk.com\/de\/cve-2026-9725-printcart-wordpress-plugin\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/locaterisk.com\/"},{"@type":"ListItem","position":2,"name":"Kritische Schwachstelle CVE-2026-9725 in WordPress-Plugin erm\u00f6glicht Datei-L\u00f6schung"}]},{"@type":"WebSite","@id":"https:\/\/locaterisk.com\/de\/#website","url":"https:\/\/locaterisk.com\/de\/","name":"LocateRisk","description":"Mesurer et comparer la s\u00e9curit\u00e9 informatique","publisher":{"@id":"https:\/\/locaterisk.com\/de\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/locaterisk.com\/de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/locaterisk.com\/de\/#organization","name":"LocateRisk","url":"https:\/\/locaterisk.com\/de\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/locaterisk.com\/de\/#\/schema\/logo\/image\/","url":"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/Kettenglieder_V0216-9.jpg","contentUrl":"https:\/\/locaterisk.com\/wp-content\/uploads\/2020\/11\/Kettenglieder_V0216-9.jpg","width":1920,"height":1080,"caption":"LocateRisk"},"image":{"@id":"https:\/\/locaterisk.com\/de\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/locaterisk\/"]},{"@type":"Person","@id":"https:\/\/locaterisk.com\/de\/#\/schema\/person\/68f3857c15afa8ff59c545848dddcc32","name":"Kristina Hoinkis","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7756f96249844e60ceb218f17e06217dcbed4993bcd2124e3f59bb8675324f0d?s=96&d=mm&r=g","caption":"Kristina Hoinkis"}}]}},"_links":{"self":[{"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/posts\/9078","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/comments?post=9078"}],"version-history":[{"count":1,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/posts\/9078\/revisions"}],"predecessor-version":[{"id":9079,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/posts\/9078\/revisions\/9079"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/media\/9077"}],"wp:attachment":[{"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/media?parent=9078"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/categories?post=9078"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/locaterisk.com\/fr\/wp-json\/wp\/v2\/tags?post=9078"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}