CVE-2026-3326 | Xstore Plugin up to 9.7.2 on WordPress sql injection

June 10, 2026 Yanac

A vulnerability was found in Xstore Plugin up to 9.7.2 on WordPress and classified as critical. Impacted is an unknown function. The manipulation results in sql injection.

This vulnerability is reported as CVE-2026-3326. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More