What the vulnerability does
01Description
The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks
Explanation of Vulnerability in Simple Terms
02Summary
A vulnerability exists in Product Filter for WooCommerce by WBW versions before 3.1.3. The specific attack vector and impact are not yet documented. Site administrators should update to version 3.1.3 or later to ensure protection.
What an attacker can do
03Attacker Capabilities
Unknown; insufficient technical details available.
Potential impact on your site
04Site Impact
Update Product Filter for WooCommerce by WBW to version 3.1.3 or later.
Conditions required to exploit
05Prerequisites
Unknown; insufficient technical details available.
Key dates
06Disclosure timeline
April 13, 2026
CVE published
April 13, 2026
Record updated