CVE-2026-8163

HIGH NVD

CVSS Score 8.8

Severity HIGH

Published Jun 23, 2026

Vendor unknown

Description

The Infility Global WordPress plugin before 2.15.19 does not properly sanitize and escape some parameters before using them in SQL statements, leading to a SQL Injection vulnerability exploitable by authenticated users with Subscriber-level access and above.

References

https://wpscan.com/vulnerability/e471516a-6f43-4a89-8486-7a638845e197/