CVE-2026-4079 - CERT CVE

  1. CVE-2026-4079

ID CVE-2026-4079
Sažetak The SQL Chart Builder WordPress plugin before 2.3.8 does not properly escape user input as it is concatened to SQL queries, making it possible for attackers to conduct SQL Injection attacks against the dynamic filter functionality.
Reference
CVSS
Base: 6.5
Impact: 2.5
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
LOW LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Zadnje važnije ažuriranje 09-04-2026 - 19:51
Objavljeno 07-04-2026 - 07:16