Skip to main content

Geo My Wordpress

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-52715 CRITICAL Act Now

Unauthenticated SQL injection in the GEO my WordPress plugin versions 4.5.5 and earlier allows remote attackers to inject arbitrary SQL into backend queries against WordPress sites running the plugin. The flaw was disclosed via Patchstack, carries a CVSS 9.3 with scope change, and currently has no public exploit identified at time of analysis, though SQL injection in WordPress plugins is historically a high-value automated target.

WordPress SQLi Geo My Wordpress
NVD VulDB
CVSS 3.1
9.3
EPSS
0.4%
CVE-2026-52715
EPSS 0% CVSS 9.3
CRITICAL Act Now

Unauthenticated SQL injection in the GEO my WordPress plugin versions 4.5.5 and earlier allows remote attackers to inject arbitrary SQL into backend queries against WordPress sites running the plugin. The flaw was disclosed via Patchstack, carries a CVSS 9.3 with scope change, and currently has no public exploit identified at time of analysis, though SQL injection in WordPress plugins is historically a high-value automated target.

WordPress SQLi Geo My Wordpress
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy