PT-2026-32280 · Wbw · Premmerce Product Filter For Woocommerce

Mcdruid

Published

2026-04-13

Updated

2026-04-27

CVE-2026-3830

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Product Filter for WooCommerce by WBW WordPress plugin versions prior to 3.1.3

Description An issue exists where a parameter is not sanitized or escaped before being used in a SQL statement. This allows unauthenticated users to perform SQL injection attacks, which involve inserting malicious SQL code into a query to manipulate the database.

Recommendations Update the plugin to version 3.1.3 or later.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2026-3830

Affected Products

Premmerce Product Filter For Woocommerce

PT-2026-32280 · Wbw · Premmerce Product Filter For Woocommerce

CVE-2026-3830

Weakness Enumeration

Related Identifiers

Affected Products

References · 5