PT-2026-28053 · WordPress · Publishpress Revisions
Published
2026-03-25
·
Updated
2026-03-25
·
CVE-2026-32539
CVSS v3.1
9.3
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
PublishPress Revisions versions through 3.7.23
Description
The software contains an Improper Neutralization of Special Elements used in an SQL Command issue, specifically a Blind SQL Injection. The issue is present in PublishPress Revisions revisionary and allows for potential exploitation through SQL Injection techniques. The API endpoint and vulnerable parameters are not specified. The function names are not specified.
Recommendations
Update PublishPress Revisions to a version later than 3.7.23.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Publishpress Revisions