CVE-2026-5028 | 10up Eight Day Week Print Workflow Plugin up to 1.2.6 on WordPress AJAX Action pp-get-articles Title sql injection

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability was found in 10up Eight Day Week Print Workflow Plugin up to 1.2.6 on WordPress. It has been declared as critical. This affects the function pp-get-articles of the component AJAX Action Handler. Such manipulation of the argument Title leads to sql injection.

This vulnerability is uniquely identified as CVE-2026-5028. The attack can be launched remotely. No exploit exists.

CVE-2026-5028 | 10up Eight Day Week Print Workflow Plugin up to 1.2.6 on WordPress AJAX Action pp-get-articles Title sql injection

Post correlati

CVE-2024-3120 | irontec sngrep up to 1.8.0 SIP Header src/sip.c sip_validate_packet Content-Length/Warning stack-based overflow

CVE-2024-11262 | SourceCodester Student Record Management System 1.0 View All Student Marks main stack-based overflow

CVE-2025-12518 | Bee Content Design Befree SDK up to 3.46.x Content Security Policy cross site scripting

CVE-2025-70034 | mscdex ssh2 1.17.0 incorrect regex