2 matches found
CVE-2026-45211
CVE-2026-45211 describes an SQL Injection in the WordPress plugin “APIExperts Square for WooCommerce” (woosquare) up to and including version 4.7.1. The vulnerability arises from improper neutralization of SQL commands, enabling a blind SQL injection. The impact stated in the CVE list indicates h...
APIExperts Square for WooCommerce < 4.3 - Reflected Cross-Site Scripting
Description The APIExperts Square for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...