CVE-2026-54836

CRITICAL NVD

CVSS Score 9.3

Severity CRITICAL

Published Jun 25, 2026

Vendor unknown

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YMC Filter allows SQL Injection. This issue affects YMC Filter: from n/a through 3.11.5.

References

https://patchstack.com/database/wordpress/plugin/ymc-smart-filter/vulnerability/wordpress-filter-grids-plugin-3-11-5-sql-injection-vulnerability?_s_id=cve