CVE-2026-42646

HIGH NVD

CVSS Score 7.6

Severity HIGH

Published Apr 29, 2026

Vendor unknown

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Steve Burge TaxoPress simple-tags allows Blind SQL Injection.This issue affects TaxoPress: from n/a through <= 3.44.0.

References

https://patchstack.com/database/Wordpress/Plugin/simple-tags/vulnerability/wordpress-taxopress-plugin-3-44-0-sql-injection-vulnerability?_s_id=cve