CVE-2026-1639 | Taskbuilder Plugin up to 5.0.2 on WordPress sort_by sql injection

February 17, 2026 Yanac

A vulnerability marked as critical has been reported in Taskbuilder Plugin up to 5.0.2 on WordPress. This affects an unknown function. The manipulation of the argument sort_by leads to sql injection.

This vulnerability is listed as CVE-2026-1639. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-13959 | Filestack Plugin up to 2.0.8 on WordPress Shortcode cross site scripting
CVE-2025-12356 | Tickera Plugin up to 3.5.6.4 on WordPress AJAX Endpoint wp_ajax_change_ticket_status authorization