WordPress APIExperts Square for WooCommerce plugin

8.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through <= 4.7.1.

Basic Information

ID CVE-2026-45211

Source Patchstack

Published May 12, 2026 at 11:02

Modified May 12, 2026 at 11:03

Affected Product

Vendor Saad Iqbal

Product APIExperts Square for WooCommerce

Affected Versions Saad Iqbal APIExperts Square for WooCommerce 0

CWE Classification

CWE-89

References

patchstack.com /database/Wordpress/Plugin/woosquare/vulnerability/wordpress-apiexperts-square-for-woocommerce-plugin-4-7-1-sql-injection-vulnerability

{
    "lastseen": "",
    "description": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through <= 4.7.1.",
    "published": "2026-05-12T11:02:09.926Z",
    "modified": "2026-05-12T11:03:22.063Z",
    "type": "cve",
    "title": "WordPress APIExperts Square for WooCommerce plugin <= 4.7.1 - SQL Injection vulnerability",
    "source": "Patchstack",
    "references": "https://patchstack.com/database/Wordpress/Plugin/woosquare/vulnerability/wordpress-apiexperts-square-for-woocommerce-plugin-4-7-1-sql-injection-vulnerability?_s_id=cve",
    "id": "CVE-2026-45211",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Saad Iqbal APIExperts Square for WooCommerce 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "APIExperts Square for WooCommerce",
    "version": "0",
    "vendor": "Saad Iqbal",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

WordPress APIExperts Square for WooCommerce plugin <= 4.7.1 - SQL Injection vulnerability_CVE-2026-45211