Unauthenticated SQL Injection Vulnerability in Quotes Llama Plugin by WordPress
CVE-2026-56062
9.3CRITICAL
What is CVE-2026-56062?
This vulnerability enables unauthenticated SQL injection in the Quotes Llama plugin, affecting versions up to 3.1.5. An attacker can exploit this weakness to execute arbitrary SQL queries against the database, potentially leading to unauthorized data exposure or manipulation. It is imperative for users of this plugin to apply available patches and updates to mitigate risks associated with this security flaw.
Affected Version(s)
Quotes llama <= 3.1.5