CVE Catalog

CVE-2026-52700

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.35%

27th percentile - higher than 27% of all known CVEs

Summary

There is a SQL Injection vulnerability in WCMultiShipping versions up to 3.0.2 that can be exploited by subscribers.

Risk Assessment

An attacker could gain access to sensitive data in the database, potentially leading to serious security breaches.

Recommendation

It is recommended to upgrade to the latest version of WCMultiShipping to mitigate this vulnerability.

Original NVD description (English source)

Subscriber SQL Injection in WCMultiShipping <= 3.0.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS