WordPress Accessibility Suite by Ability, Inc plugin <= 4.20 - Authenticated (Subscriber+) SQL Injection via 'scan_id' Parameter vulnerability

Authenticated Subscriber+ SQL Injection via 'scanid' Parameter vulnerability discovered by Victor Pasman in WordPress Plugin Accessibility Suite versions = 4.20...

PT-2026-33268

Name of the Vulnerable Software and Affected Versions Accessibility Suite by Ability, Inc versions prior to 4.21 Description The Accessibility Suite by Ability, Inc plugin for WordPress contains a flaw allowing authenticated attackers with Subscriber-level access or higher to perform SQL Injectio...