HIGHCVE-2026-45211Published 2026-05-12Modified 2026-05-13CNA Patchstack

CVE-2026-45211: WordPress APIExperts Square for WooCommerce plugin <= 4.7.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through <= 4.7.1.

CVSS v3.1: 8.5
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

Saad Iqbal / APIExperts Square for WooCommerce
≤ 4.7.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

References

patchstack.com

Metrics