EUVD-2026-14743
GHSA-g8j8-q3w7-359j
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
3Description
The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listing_load_more` AJAX action in all versions up to, and including, 3.8.6.1. This is due to the `filtered_query` parameter being excluded from the HMAC signature validation (allowing attacker-controlled input to bypass security checks) combined with the `prepare_where_clause()` method in the SQL Query Builder not sanitizing the `compare` operator before concatenating it into SQL statements. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database, provided the site has a JetEngine Listing Grid with Load More enabled that uses a SQL Query Builder query.
Analysis
The JetEngine plugin for WordPress contains a SQL injection vulnerability in the listing_load_more AJAX action that allows unauthenticated attackers to extract sensitive database information. All versions up to and including 3.8.6.1 are affected. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Audit WordPress installations for JetEngine plugin presence and version; disable Listing Grid Load More functionality if the plugin is deployed. Within 7 days: Implement WAF rules blocking suspicious AJAX requests to listing_load_more; apply network segmentation to restrict database access. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today