CVE Catalog
CVE-2026-39581
HighCVSS 8.5Exploitation Probability (EPSS)
Low risk0.36%
27th percentile — higher than 27% of all known CVEs
Summary
The WP Sessions Time Monitoring Full Automatic plugin versions up to 1.1.4 is vulnerable to SQL Injection, allowing unauthorized users to access the database.
Risk Assessment
An attacker could exploit this vulnerability to steal data or modify information in the database, posing a serious security threat.
Recommendation
It is recommended to update the plugin to the latest version to mitigate this vulnerability and conduct a security audit of the database.
Original NVD description (English source)
Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic <= 1.1.4 versions.

