CVE-2026-54819

CRITICAL NVD

CVSS Score 9.3

Severity CRITICAL

Published Jun 17, 2026

Vendor unknown

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webilia Inc. Listdom allows Blind SQL Injection. This issue affects Listdom: from n/a through 5.4.0.

References

https://patchstack.com/database/wordpress/plugin/listdom/vulnerability/wordpress-listdom-plugin-5-4-0-sql-injection-vulnerability?_s_id=cve