CVE-2026-31920

Name of the Vulnerable Software and Affected Versions Product Rearrange for WooCommerce versions n/a through 1.2.2

Description The software contains a flaw due to improper neutralization of special elements within an SQL command, leading to a potential SQL injection issue. Specifically, the software is susceptible to a blind SQL injection attack. The products-rearrange-woocommerce component is affected. The vulnerability allows for potential unauthorized access or manipulation of data through crafted SQL queries.

Recommendations Update Product Rearrange for WooCommerce to a version later than 1.2.2.