CRITICALCVE-2026-42773Published Modified CNA Patchstack
CVE-2026-42773: WordPress eMagicOne Store Manager plugin <= 1.3.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection. This issue affects eMagicOne Store Manager: from n/a through 1.3.2.
Metrics
- CVSS v3.1
- 9.3
- Severity
- CRITICAL
- Fixed in
- —
- Affected Products
- 1
Affected packages
- eMagicOne / eMagicOne Store Manager≤ 1.3.2
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:LReferences