This issue affects Product Filter by WBW: from n/a through 3.1.2.
Analysis and contextual insights are available on OpenCVE Cloud.
Vendor Solution
Update the WordPress Product Filter by WBW Plugin to the latest available version (at least 3.1.3).
Tracking
Sign in to view the affected projects.
No advisories yet.
Fri, 12 Jun 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Wbw Plugins
Wbw Plugins product Filter By Wbw Wordpress Wordpress wordpress |
|
| Vendors & Products |
Wbw Plugins
Wbw Plugins product Filter By Wbw Wordpress Wordpress wordpress |
Fri, 12 Jun 2026 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 11 Jun 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection. This issue affects Product Filter by WBW: from n/a through 3.1.2. | |
| Title | WordPress Product Filter by WBW plugin <= 3.1.2 - SQL Injection vulnerability | |
| Weaknesses | CWE-89 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-06-12T10:04:30.552Z
Reserved: 2026-04-07T10:47:43.843Z
Link: CVE-2026-39494
Updated: 2026-06-12T10:04:25.185Z
Status : Deferred
Published: 2026-06-11T22:16:56.207
Modified: 2026-06-12T13:13:53.050
Link: CVE-2026-39494
No data.
OpenCVE Enrichment
Updated: 2026-06-12T20:21:31Z