CRITICAL
WBW Plugins
CVE published 2026-06-11
CVE-2026-39494
A critical vulnerability was discovered in the Product Filter by WBW WordPress plugin, affecting versions from n/a through 3.1.2. This vulnerability, tracked as CVE-2026-39494, is an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') issue, which allows for Blind SQL Injection attacks. The vulnerability has a CVSS score of 9.3 and is considered CRITICAL.