CVE Catalog
CVE-2026-52700
HighCVSS 8.5Exploitation Probability (EPSS)
Low risk0.35%
27th percentile - higher than 27% of all known CVEs
Summary
There is a SQL Injection vulnerability in WCMultiShipping versions up to 3.0.2 that can be exploited by subscribers.
Risk Assessment
An attacker could gain access to sensitive data in the database, potentially leading to serious security breaches.
Recommendation
It is recommended to upgrade to the latest version of WCMultiShipping to mitigate this vulnerability.
Original NVD description (English source)
Subscriber SQL Injection in WCMultiShipping <= 3.0.2 versions.

