Perceptive Security
SOC/SIEM Consultancy
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 Active Products Tables for WooCommerce profit-p…
Published:
26 mei 2026 om 22:00:00
Alert date:
27 mei 2026 om 12:04:12
Source:
nvd.nist.gov
Web Technologies, Database & Storage
A Blind SQL Injection vulnerability has been identified in the RealMag777 Active Products Tables for WooCommerce plugin. The vulnerability stems from improper neutralization of special elements used in SQL commands. This security flaw affects all versions of the profit-products-tables-for-woocommerce plugin from the initial release through version 1.0.9. The vulnerability allows attackers to perform blind SQL injection attacks, potentially compromising database integrity and exposing sensitive information. Users of this WordPress/WooCommerce plugin should update to a patched version immediately to mitigate the risk.
Technical details
Mitigation steps:
Affected products:
RealMag777 Active Products Tables for WooCommerce
profit-products-tables-for-woocommerce
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-42761
https://patchstack.com/database/Wordpress/Plugin/profit-products-tables-for-woocommerce/vulnerability/wordpress-active-products-tables-for-woocommerce-plugin-1-0-9-sql-injection-vulnerability?_s_id=cve
Related CVE's:
Related threat actors:
IOC's:
This article was created with the assistance of AI technology by Perceptive.