3 matches found
CVE-2026-4087
The Pre Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hintids' parameter of the pprhupdatehints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
CVE-2026-4087 Pre* Party Resource Hints <= 1.8.20 - Authenticated (Subscriber+) SQL Injection via 'hint_ids' Parameter
The Pre Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hintids' parameter of the pprhupdatehints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...
CVE-2026-4087 Pre* Party Resource Hints <= 1.8.20 - Authenticated (Subscriber+) SQL Injection via 'hint_ids' Parameter
The Pre Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hintids' parameter of the pprhupdatehints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...