CVE-2026-0683 | SupportCandy Plugin up to 3.4.4 on WordPress Number Field Filter sql injection

Inserito da Angelo Barbosa | Gen 31, 2026 | CVE

A vulnerability, which was classified as critical, has been found in SupportCandy Plugin up to 3.4.4 on WordPress. This issue affects some unknown processing of the component Number Field Filter. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2026-0683. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2026-0683 | SupportCandy Plugin up to 3.4.4 on WordPress Number Field Filter sql injection

Post correlati

CVE-2024-34955 | code-projects Budget Management 1.0 delete sql injection

CVE-2025-10109 | Campcodes Online Loan Management System 1.0 ajax.php?action=delete_payment ID sql injection

CVE-2023-42949 | Apple watchOS Temporary Directory access control

CVE-2025-54656 | Apache Struts 1.x LookupDispatchAction neutralization for logs