CVE Catalog
CVE-2026-56036
CriticalCVSS 9.3Exploitation Probability (EPSS)
Low risk0.24%
15th percentile — higher than 15% of all known CVEs
Summary
Unauthenticated SQL injection vulnerability in WordPress 결제 심플페이 plugin versions up to 5.5.6. An unauthenticated attacker can execute arbitrary SQL queries.
Risk Assessment
Risk includes unauthorized access to the WordPress database, leakage of sensitive data (e.g., passwords, user data), and potential takeover of the website.
Recommendation
Immediately update the 결제 심플페이 plugin to the latest available version (above 5.5.6). If an update is not possible, temporarily disable the plugin.
Original NVD description (English source)
Unauthenticated SQL Injection in 워드프레스 결제 심플페이 <= 5.5.6 versions.

