3 matches found
CVE-2026-57810 WordPress APIExperts Square for WooCommerce plugin <= 4.7.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through = 4.7.4...
CVE-2026-45211
CVE-2026-45211 describes an SQL Injection in the WordPress plugin “APIExperts Square for WooCommerce” (woosquare) up to and including version 4.7.1. The vulnerability arises from improper neutralization of SQL commands, enabling a blind SQL injection. The impact stated in the CVE list indicates h...
APIExperts Square for WooCommerce < 4.3 - Reflected Cross-Site Scripting
Description The APIExperts Square for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...