Skip to main content

BEAR woo-bulk-editor CVE-2026-45213

| EUVDEUVD-2026-29455 HIGH
SQL Injection (CWE-89)
2026-05-12 Patchstack GHSA-3v6g-g235-cmv9
7.6
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.6 HIGH
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

2
Analysis Generated
May 12, 2026 - 11:32 vuln.today
CVE Published
May 12, 2026 - 11:02 nvd
HIGH 7.6

DescriptionCVE.org

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through <= 1.1.7.1.

AnalysisAI

Blind SQL injection in BEAR woo-bulk-editor plugin for WordPress up to version 1.1.7.1 allows high-privilege authenticated administrators to extract database contents through specially crafted SQL queries. The scope change in CVSS (S:C) indicates potential impact beyond the plugin itself, enabling access to other WordPress data or resources. No public exploit code or active exploitation indicators identified at time of analysis, but Patchstack public disclosure increases weaponization risk.

Technical ContextAI

BEAR is a WordPress plugin providing bulk editing capabilities for WooCommerce products, developed by RealMag777. The vulnerability manifests as CWE-89 (SQL Injection) where user-controlled input from authenticated administrators is incorporated into SQL queries without proper sanitization or parameterization. The blind SQL injection variant means attackers cannot see query results directly but can infer data through timing-based or boolean-based techniques. The CPE identifier cpe:2.3:a:realmag777:bear confirms the specific vendor and product namespace. SQL injection in WordPress plugins typically occurs when developers use direct database queries via wpdb without prepared statements, allowing attackers to append malicious SQL syntax.

RemediationAI

Update BEAR woo-bulk-editor plugin to version 1.1.7.2 or later if available, verifying release notes address CVE-2026-45213. Check Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/woo-bulk-editor/vulnerability/wordpress-bear-plugin-1-1-7-1-sql-injection-vulnerability for confirmed patched version and installation guidance. If patch not yet released, implement compensating controls: restrict WordPress administrator access to trusted IP addresses via .htaccess or firewall rules, enforce multi-factor authentication for all admin accounts, audit administrator user list and remove unnecessary elevated accounts, enable WordPress database activity logging to detect blind SQL injection patterns (time delays, unusual queries). Consider temporarily disabling the plugin if bulk editing functionality not actively required. Monitor Patchstack and WordPress plugin repository for security updates. Note that IP restrictions may impact legitimate remote administration and MFA adds authentication friction.

Share

CVE-2026-45213 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy