Skip to main content

SALESmanago CVE-2026-54822

| EUVDEUVD-2026-39364 HIGH
SQL Injection (CWE-89)
2026-06-25 Patchstack GHSA-xwxh-84mx-hgrr
8.5
CVSS 3.1 · Vendor: Patchstack
Share

Severity by source

Vendor (Patchstack) PRIMARY
8.5 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
vuln.today AI
6.5 MEDIUM

Network-reachable low-complexity SQLi needs a Subscriber account (PR:L); read-oriented injection gives high confidentiality but no clear integrity or availability impact, and I assess scope unchanged (S:U) versus the vendor's S:C.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Patchstack).

CVSS VectorVendor: Patchstack

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

1
Analysis Generated
Jun 25, 2026 - 14:17 vuln.today

DescriptionCVE.org

Subscriber SQL Injection in SALESmanago & Leadoo <= 3.11.2 versions.

AnalysisAI

SQL injection in the WordPress SALESmanago & Leadoo plugin (versions 3.11.2 and earlier) lets authenticated users holding only Subscriber-level privileges inject arbitrary SQL into backend database queries, enabling extraction of sensitive data from the WordPress database. Reported by Patchstack and rated CVSS 8.5, it is dangerous because Subscriber is the lowest authenticated role and is frequently self-registerable on WordPress sites. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain Subscriber-level WordPress account
Delivery
Authenticate to target site
Exploit
Send crafted request to vulnerable plugin endpoint
Execution
Inject SQL via unsanitized parameter
Impact
Extract user and credential data from database

Vulnerability AssessmentAI

Exploitation Exploitation requires an authenticated WordPress session at Subscriber level or higher (PR:L) on a site with the SALESmanago & Leadoo plugin version 3.11.2 or earlier installed and active; no user interaction and no high privileges are needed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L, score 8.5) describes a network-exploitable, low-complexity attack needing only low privileges and no user interaction, with high confidentiality impact and a changed scope. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker registers or obtains a low-privilege Subscriber account on a WordPress site running the vulnerable plugin, then sends a crafted authenticated request to a plugin action carrying a malicious SQL payload in an unsanitized parameter. The injected query returns or leaks database contents such as administrator password hashes and user data, which can then be cracked offline or used to escalate. …
Remediation Upgrade the SALESmanago & Leadoo plugin to a release newer than 3.11.2 as published by the vendor; consult the Patchstack advisory (https://patchstack.com/database/wordpress/plugin/salesmanago/vulnerability/wordpress-salesmanago-leadoo-plugin-3-11-2-sql-injection-vulnerability) for the exact fixed version, since no patched version number was provided in the available data and should not be assumed. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all WordPress installations using SALESmanago & Leadoo plugin; document current versions deployed and count of active Subscriber-level users; assess whether the plugin is business-critical. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-54822 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy