PT-2026-43155 · WordPress · Jetengine
Daroo
·
Published
2026-05-25
·
Updated
2026-05-26
·
CVE-2026-42774
CVSS v3.1
9.3
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
JetEngine versions prior to 3.8.8.2
Description
Improper neutralization of special elements used in an SQL command allows for SQL injection, a technique where malicious SQL statements are inserted into entry fields for execution to manipulate a database.
Recommendations
Update to a version newer than 3.8.8.1.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jetengine