HIGHCVE-2026-32516Published 2026-03-25Modified 2026-04-29CNA Patchstack

CVE-2026-32516: WordPress Miraculous Core Plugin plugin < 2.1.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Miraculous Core Plugin miraculouscore allows Blind SQL Injection.This issue affects Miraculous Core Plugin: from n/a through < 2.1.2.

CVSS v3.1: 8.5
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

kamleshyadav / Miraculous Core Plugin
≤ < 2.1.2

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

References

patchstack.com

Metrics