CVE-2026-3830

HIGH 8.6

Product Filter for WooCommerce by WBW < 3.1.3 - Unauthenticated SQLi

CVSS Score

8.6

EPSS Score

0.0%

EPSS Percentile

0th

The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks

Vendor	unknown
Product	product filter for woocommerce by wbw
Published	Apr 13, 2026
Last Updated	Apr 13, 2026

Stay Ahead of the Next One

Get instant alerts for unknown product filter for woocommerce by wbw

Be the first to know when new high vulnerabilities affecting unknown product filter for woocommerce by wbw are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Unknown / Product Filter for WooCommerce by WBW

0 < 3.1.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

wpscan.com: https://wpscan.com/vulnerability/768014fd-0403-4182-b19e-3d46c92d8755/

Credits

mcdruid WPScan