CVE-2026-45211HIGH 8.5EPSS p12.7%

CVE-2026-45211CVE-2026-45211

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through <= 4.7.1.

Scoring

CVSS 3.18.5 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
EPSS0.22% probability of exploitation · percentile 12.7% · 2026-06-19T12:03:05Z
Published2026-05-12
Last modified2026-05-12

Underlying weaknesses· 1

CWE-89

References

  1. https://patchstack.com/database/Wordpress/Plugin/woosquare/vulnerability/wordpress-apiexperts-square-for-woocommerce-plugin-4-7-1-sql-injection-vulnerability?_s_id=cve

1

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection')cwe-890%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-58686
CVE
CVE-2025-68881
CVE
CVE-2026-45214
CVE
CVE-2026-24993
CVE
CVE-2026-42684
CVE
CVE-2026-27039
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.