CVE-2026-39494
WordPress Product Filter by WBW plugin <= 3.1.2 - SQL Injection vulnerability
Vexday Risk Score
28Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 9.3EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
11 jun 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection.
This issue affects Product Filter by WBW: from n/a through 3.1.2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Produtos afetados
WBW Plugins · Product Filter by WBW