CVE-2026-3830

HIGH

WordPress Product Filter for WooCommerce by WBW plugin < 3.1.3 - Unauthenticated SQLi vulnerability

Details

CVSS v3: 8.6
NVD published: 2026-04-13 07:16:50
EPSS: <0.1% probability · 13.6th percentile — 2026-04-13
Affected versions: Not available in our cache.
Summary: The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks
Remediation: Not available in our cache.
Exploit info: Not available in our cache.

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.