CVE-2026-54819NVD

Vulnerability Summary

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webilia Inc. Listdom allows Blind SQL Injection.

This issue affects Listdom: from n/a through 5.4.0.

Severity Level

CRITICAL(9.3)

Published Date

Jun 17, 2026

Last Modified

Jun 17, 2026

Exploitation Status

No confirmed exploitation yet

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

N/A

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

ScopeChanged

ConfidentialityHigh

IntegrityNone

AvailabilityLow

External References

https://patchstack.com/database/wordpress/plugin/listdom/vulnerability/wordpress-listdom-plugin-5-4-0-sql-injection-vulnerability?_s_id=cve