cleantalk
Vulnerabilities and Security Researches

Product Filter by WBW, CVE-2026-3830

CVE, Research URL

CVE-2026-3830

Home page URL

Security reports for Product Filter by WBW

Application

Product Filter by WBW

Published on
Apr 13, 2026
Research Description
The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks
Affected versions
max 3.1.3.
Status
vulnerable
Previous vulnerability researches
Image Source Control Lite – Show Image Credits and Captions (CVE-2021-24781) , Jun 07, 2024
Image Source Control Lite – Show Image Credits and Captions (CVE-2023-52187) , Jun 07, 2024
Image Source Control Lite – Show Image Credits and Captions (CVE-2025-22711) , Jan 23, 2025
Image Source Control Lite – Show Image Credits and Captions (CVE-2026-4852) , Apr 22, 2026
Image Source Control Lite – Show Image Credits and Captions (CVE-2024-13515) , Jan 19, 2025
New vulnerability
Image Source Control Lite – Show Image Credits and Captions (CVE-2026-4852) , Apr 22, 2026
MailerLite – WooCommerce integration (CVE-2026-1000) , Apr 22, 2026
Embed Calendly (CVE-2026-0868) , Apr 22, 2026
Product Filter by WBW (CVE-2026-39494) , Apr 22, 2026
Product Filter by WBW (CVE-2026-3830) , Apr 22, 2026