CVE-2026-2579

Name of the Vulnerable Software and Affected Versions WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress versions up to and including 4.4.3

Description The WowStore – Store Builder & Product Blocks for WooCommerce plugin for WordPress is susceptible to SQL Injection via the search parameter. Insufficient escaping of user-supplied input and inadequate preparation of existing SQL queries allow unauthenticated attackers to inject additional SQL queries, potentially extracting sensitive information from the database.

Recommendations Versions prior to 4.4.4 should be updated.