[CYBERDIGEST]
⊞ Dashboard ⚡ Intelligence 📝 Reports 📚 Global Threats 💻 Hack Lab 🗄️ Resources ⌬ 0xJerry's Lab
📡 RSS Feed
System Online

Tag

#CVE-2026-13333

articleMEDIUM 6.5

CVE-2026-13333: SQL Injection Vulnerability in Groundhogg Plugin for WordPress

The Groundhogg plugin for WordPress is vulnerable to a generic SQL injection attack via the 'query[select]' parameter in versions up to and including 4.5.5. This vulnerability allows authenticated attackers with Sales Representative-level access and above to append additional SQL queries to extract sensitive information from the database. The CVSS score for this vulnerability is 6.5, indicating a medium severity. Organizations using the affected versions of the Groundhogg plugin should apply the necessary patches immediately to prevent potential exploitation.

Jun 28, 20261 source