CVE-2026-45211

Name of the Vulnerable Software and Affected Versions APIExperts Square for WooCommerce versions prior to 4.7.2

Description Improper neutralization of special elements used in an SQL command allows for Blind SQL Injection. This occurs when an application fails to properly sanitize user-supplied data before including it in a database query, enabling an attacker to infer sensitive information by observing the application's response to specific queries.

Recommendations Update to a version newer than 4.7.1.