Skip to main content

Woocommerce Frontend Manager Ultimate

1 CVEs product

Monthly

CVE-2026-22335 HIGH PATCH This Week

SQL injection in the WooCommerce Frontend Manager - Ultimate WordPress plugin (versions prior to 6.7.7) allows authenticated subscriber-level users to inject SQL via plugin-handled input, exposing database contents and enabling limited data tampering on affected WooCommerce sites. The CVSS 8.5 rating reflects a scope change reaching the underlying database with high confidentiality impact. No public exploit identified at time of analysis.

WordPress SQLi Woocommerce Frontend Manager Ultimate
NVD
CVSS 3.1
8.5
EPSS
0.3%
EPSS 0% CVSS 8.5
HIGH PATCH This Week

SQL injection in the WooCommerce Frontend Manager - Ultimate WordPress plugin (versions prior to 6.7.7) allows authenticated subscriber-level users to inject SQL via plugin-handled input, exposing database contents and enabling limited data tampering on affected WooCommerce sites. The CVSS 8.5 rating reflects a scope change reaching the underlying database with high confidentiality impact. No public exploit identified at time of analysis.

WordPress SQLi Woocommerce Frontend Manager Ultimate
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy