cleantalk
Vulnerabilities and Security Researches

WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting, CVE-2026-31917

CVE, Research URL

CVE-2026-31917

Home page URL

Security reports for WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting

Application

WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting

Published on
Mar 14, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP erp allows SQL Injection.This issue affects WP ERP: from n/a through <= 1.16.10.
Affected versions
max 1.16.10.
Status
vulnerable
Previous vulnerability researches
Hello Elementor (CVE-2024-31289) , Jun 10, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-43292) , Aug 20, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-0766) , Jun 10, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-35167) , Jun 10, 2024
Envo&#039;s Elementor Templates & Widgets for WooCommerce (CVE-2024-50447) , Oct 27, 2024
New vulnerability
Subscriptions for WooCommerce &#8211; Subscription Plugin for Collecting Recurring Revenue, Sell Membership Subscription Servic (CVE-2026-24372) , Mar 29, 2026
Meta Box &#8211; WordPress Custom Fields Framework (CVE-2025-14675) , Mar 29, 2026
Admin and Site Enhancements (ASE) (CVE-2026-32423) , Mar 29, 2026
Royal Elementor Addons and Templates (CVE-2026-28135) , Mar 29, 2026
Royal Elementor Addons and Templates (CVE-2025-13067) , Mar 29, 2026