CVE-2026-32422 - levelfourdevelopment WP EasyCart - SQL Injection

Overview

levelfourdevelopment WP EasyCart <= 5.8.13 contains an SQL injection caused by improper neutralization of special elements in SQL commands, letting attackers perform blind SQL injection remotely, exploit requires crafted requests.

Severity & Score

Severity: High

CVSS Score: 8.5

EPSS Score: 2.1%(Probability of exploitation in next 30 days)

Impact

Attackers can execute arbitrary SQL queries, potentially leading to data disclosure or modification.

Mitigation

Update to the latest version beyond 5.8.13.

References

https://patchstack.com/database/Wordpress/Plugin/wp-easycart/vulnerability/wordpress-wp-easycart-plugin-5-8-13-sql-injection-vulnerability?_s_id=cve

Social Media Activity(6 posts)

TheHackerWire

@thehackerwire

Mar 13, 2026

🟠 CVE-2026-32422 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP EasyCart: from n/a through <= 5.8.13. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32422/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 13, 2026

🟠 CVE-2026-32422 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP EasyCart: from n/a through <= 5.8.13. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32422/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 13, 2026

🟠 CVE-2026-32422 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP EasyCart: from n/a through <= 5.8.13. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32422/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 13, 2026

🟠 CVE-2026-32422 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP EasyCart: from n/a through <= 5.8.13. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32422/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 13, 2026

🟠 CVE-2026-32422 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP EasyCart: from n/a through <= 5.8.13. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32422/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

TheHackerWire

@thehackerwire

Mar 13, 2026

🟠 CVE-2026-32422 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP EasyCart: from n/a through <= 5.8.13. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32422/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

CVE-2026-32422 - Vulnerability Analysis

Overview

Severity & Score

Impact

Mitigation

References

Social Media Activity(6 posts)

Related Resources

Details

CWE

CVSS Metrics

EPSS Score