CVE-2026-3599 | imprintnext Riaxe Product Customizer Plugin up to 2.1.2 on WordPress REST API Endpoint add-item-to-cart product_data options sql injection

A vulnerability was found in imprintnext Riaxe Product Customizer Plugin up to 2.1.2 on WordPress. It has been rated as critical. This issue affects the function product_data of the file /wp-json/InkXEProductDesignerLite/add-item-to-cart of the component REST API Endpoint. This manipulation of the argument options causes sql injection.

The identification of this vulnerability is CVE-2026-3599. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More