CVE Catalog
CVE-2026-57765
HighCVSS 8.5Exploitation Probability (EPSS)
Low risk0.22%
13th percentile — higher than 13% of all known CVEs
Summary
The WP EasyCart plugin for WordPress versions 5.9.0 and earlier contains a SQL injection vulnerability via the 'contributor' attribute. This allows an attacker to manipulate database queries.
Risk Assessment
The risk includes unauthorized access, modification, or deletion of data, potentially leading to a breach of confidentiality and integrity of the system.
Recommendation
It is recommended to immediately update the WP EasyCart plugin to the latest available version that fixes this vulnerability.
Original NVD description (English source)
Contributor SQL Injection in WP EasyCart <= 5.9.0 versions.

