WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. SQL injection vulnerability exists in versions of WordPress SiteSuperCharger plugin prior to 5.2.0, which stems from the plugin’s failure to validate, clean up, and escape various user inputs before using SQL statements via AJAX operations. An unauthenticated attacker could exploit this vulnerability to conduct SQL injection attacks.