SQL Injection Vulnerability in SEO Booster Plugin for WordPress
CVE-2026-15458
4.9MEDIUM
What is CVE-2026-15458?
The SEO Booster plugin for WordPress has a vulnerability that allows authenticated users with administrator privileges to execute arbitrary SQL queries through insufficiently sanitized input via the 'sort_field' parameter. This security flaw could lead to unauthorized data access and manipulation, exposing sensitive information stored in the database. The vulnerability affects all versions of the plugin up to and including 7.3.1, requiring urgent attention from users to mitigate potential risks.
Affected Version(s)
SEO Booster 0 <= 7.3.1