← back
CVE-2025-47643

WordPress ELEX Product Feed for WooCommerce <= 3.1.2 - SQL Injection Vulnerability

CVSS 7.6 HIGHEPSS 0.4%CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX Product Feed for WooCommerce allows SQL Injection. This issue affects ELEX Product Feed for WooCommerce: from n/a through 3.1.2.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L
Affected products
ELEXtensions · ELEX Product Feed for WooCommerce

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://patchstack.com/database/wordpress/plugin/elex-product-feed/vulnerability/wordpress-elex-product-feed-for-woocommerce-3-1-2-sql-injection-vulnerability?_s_id=cve