PT-2026-28030 · WordPress · Miraculous Core Plugin
Published
2026-03-25
·
Updated
2026-03-26
·
CVE-2026-32516
CVSS v3.1
8.5
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Miraculous Core Plugin versions prior to 2.1.2
Description
The Miraculous Core Plugin contains a flaw due to improper neutralization of special elements within SQL commands, leading to a Blind SQL Injection condition. This allows for potential unauthorized access to or manipulation of data within the database. The affected component is susceptible to exploitation through crafted SQL queries.
Recommendations
Update the Miraculous Core Plugin to version 2.1.2 or later.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Miraculous Core Plugin