CVE-2026-54838: SQL Injection Vulnerability in WC Vendors Marketplace
A SQL injection vulnerability exists in WC Vendors Marketplace plugin versions up to 2.6.8, allowing attackers to inject malicious SQL code. This vulnerability has a CVSS score of 8.5 and is considered high severity. Affected users should update to version 2.6.9 or later.