What the vulnerability does
01Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Visualizer.This issue affects Visualizer: from n/a through 3.11.1.
CVE-2024-35736
HIGH
CVE-2024-35736: WordPress Visualizer plugin <= 3.11.1 - SQL Injection vulnerability
CVSS base score
8.5/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Key dates
02Disclosure timeline
June 8, 2024
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-2090 SourceCodester Online Class Record System search.php sql injection
CVE-2025-2734 PHPGurukul Old Age Home Management System aboutus.php sql injection
CVE-2025-32125 WordPress Silvasoft boekhouden plugin <= 3.0.6 - SQL Injection vulnerability
CVE-2025-0173 SourceCodester Online Eyewear Shop view_order.php sql injection
CVE-2026-42229 n8n: SQL Injection in SeaTable Node
