CVE•Published 2026-04-08•Modified 2026-04-24•1 article on news•5 live references•NVD data
CVE-2026-3396
Vulnerability data via NVD (ingested)
CVSS v3.1
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS percentile
95
Exploit Prediction Scoring System · top 5% of all CVEs
Weaknesses (CWE)
Description
WCAPF – WooCommerce Ajax Product Filter plugin is vulnerable to time-based SQL Injection via the 'post-author' parameter in all versions up to, and including, 4.2.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Timeline
Published 2026-04-08
Modified 2026-04-24
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
More intel sources (5)
Shodan report
vuln:CVE-2026-3396Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-3396Censys host search filtered to this CVE id.
grep.app
CVE-2026-3396Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-3396GitHub code search for direct mentions.
Google dork
"CVE-2026-3396" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.
Known PoCs on GitHub (5)
CVE-2026-33965 repos
Threekiii/Awesome-POCJava
一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.
Metarget/metargetPython
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
Ostorlab/KEVunknown
Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.
oslook/n8n-workflowsunknown
4200 + Workflow Automation Templates are Grouped by Categories/Services for easy navigation
maheshndev/awesome-reposHTML
Awesome Repositories - Explore top-rated GitHub repositories curated for developers—tools, libraries, and projects to boost productivity and learning in one place. Discover the bes…