CVE-2026-39512CRITICAL NVDCVSS Score 9.3Severity CRITICALPublished Jun 15, 2026Vendor unknownDescriptionUnauthenticated SQL Injection in GeoDirectory <= 2.8.152 versions.Referenceshttps://patchstack.com/database/wordpress/plugin/geodirectory/vulnerability/wordpress-geodirectory-plugin-2-8-152-sql-injection-vulnerability?_s_id=cve