CVE-2026-4060
The Geo Mashup plugin for WordPress (WordPress) is affected by CVE-2026-4060: Time-Based SQL Injection via the sort parameter in all versions up to and including 1.13.18. The root cause is insufficient escaping for user-supplied input and insufficient preparation of the existing SQL query. The es...