Skip to main content

Publishpress Revisions

1 CVEs product

Monthly

CVE-2026-32539 CRITICAL Act Now

A blind SQL injection vulnerability exists in the PublishPress Revisions WordPress plugin through version 3.7.23, allowing attackers to execute arbitrary SQL commands against the underlying database. The vulnerability affects all installations of PublishPress Revisions up to and including version 3.7.23, enabling attackers to extract sensitive data, modify database contents, or potentially achieve remote code execution depending on database permissions and WordPress configuration. No CVSS score or EPSS data is currently available, and KEV status is unknown, though the vulnerability has been documented by Patchstack security researchers with a public reference available.

SQLi Publishpress Revisions
NVD VulDB
CVSS 3.1
9.3
EPSS
0.0%
EPSS 0% CVSS 9.3
CRITICAL Act Now

A blind SQL injection vulnerability exists in the PublishPress Revisions WordPress plugin through version 3.7.23, allowing attackers to execute arbitrary SQL commands against the underlying database. The vulnerability affects all installations of PublishPress Revisions up to and including version 3.7.23, enabling attackers to extract sensitive data, modify database contents, or potentially achieve remote code execution depending on database permissions and WordPress configuration. No CVSS score or EPSS data is currently available, and KEV status is unknown, though the vulnerability has been documented by Patchstack security researchers with a public reference available.

SQLi Publishpress Revisions
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy