CVE-2026-8978 | crafium OptinCraft Plugin up to 1.2.0 on WordPress order_by sql injection

A vulnerability, which was classified as critical, has been found in crafium OptinCraft Plugin up to 1.2.0 on WordPress. This affects an unknown part. The manipulation of the argument order_by leads to sql injection.

This vulnerability is documented as CVE-2026-8978. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More