WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability
CVE-2026-42647

9.3CRITICAL

Key Information:

What is CVE-2026-42647?

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beardev JoomSport allows Blind SQL Injection.

This issue affects JoomSport: from n/a through 5.7.7.

JoomSport <= 5.7.7

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

daroo | Patchstack Bug Bounty Program

CVE-2026-42647 Data