SQL Injection Vulnerability in Ally WordPress Plugin Exposes 200K+ Sites

SQL injection flaw in Ally WordPress plugin exposes 200,000+ sites to data theft. Patch released, but most installations remain unpatched and vulnerable...

PT-2026-24548

Name of the Vulnerable Software and Affected Versions The Ally – Web Accessibility & Usability plugin for WordPress versions prior to 4.1.0 Description The Ally – Web Accessibility & Usability plugin for WordPress is susceptible to SQL Injection through the URL path. This occurs because of...