SQL Injection Vulnerability in Slimstat Analytics by VeronaLabs
CVE-2026-54818

8.5HIGH

Key Information:

Vendor: WordPress
Status: Slimstat Analytics
Vendor: CVE Published:; 17 June 2026

What is CVE-2026-54818?

A vulnerability in Slimstat Analytics by VeronaLabs allows attackers to perform Blind SQL Injection due to improper handling of special elements in SQL commands. This issue could enable unauthorized access and manipulation of the underlying database. Users are encouraged to update their Slimstat Analytics plugin to the latest version to mitigate the risk.

Affected Version(s)

Slimstat Analytics <= 5.4.11

References

https://patchstack.com/database/wordpress/plugin/wp-slims...

vdb-entry

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 17, 2026
Vulnerability Reserved
Jun 16, 2026

Credit

hhhai | Patchstack Bug Bounty Program

CVE-2026-54818 Data

JSON