CVE-2026-45211 - Vulnerability Analysis
HighCVSS: 8.5Last Updated: May 12, 2026
Saad Iqbal APIExperts Square for WooCommerce - SQL Injection
Overview
Saad Iqbal APIExperts Square for WooCommerce <= 4.7.1 contains a sql injection caused by improper neutralization of special elements in SQL commands, letting attackers perform blind SQL injection remotely, exploit requires crafted requests.
Severity & Score
Impact
Attackers can execute arbitrary SQL queries, potentially leading to data disclosure or modification.
Mitigation
Update to the latest version beyond 4.7.1.
Social Media Activity(2 posts)
š CVE-2026-45211 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a ... š https://www.thehackerwire.com/vulnerability/CVE-2026-45211/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-45211 - High (8.5) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a ... š https://www.thehackerwire.com/vulnerability/CVE-2026-45211/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-45211
- Severity
- High
- CVSS Score
- 8.5
- Type
- sql_injection
- Status
- rejected
- EPSS
- 3.0%
- Social Posts
- 2
CWE
- CWE-89
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L