CVE-2026-8444 | The WP Review Slider Pro plugin for WordPress is vulnerable … | CVSS 8.8 HIGH

Description

The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'curselrevs[]' parameter of the wpfb_find_reviews AJAX action in versions up to, and including, 12.6.8. This is due to the handler reading $_POST['curselrevs'] raw with no sanitization or type casting, then concatenating each array element directly into a `WHERE id IN ( ... )` clause without quoting and executing via $wpdb->get_results() without $wpdb->prepare(). This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Metadata

CVE ID: CVE-2026-8444
State: PUBLISHED
Assigner: Wordfence
Reserved: 2026-05-12 20:21 UTC
Published: 2026-06-16 06:49 UTC
Last updated: 2026-06-16 13:56 UTC
Primary CWE: CWE-89
CWE-89 Improper Neutralization of Special Elements used in a…
Vendor / Product: https://wpreviewslider.com/ / WP Review Slider Pro
Sources: cve.org · NVD

Severity & Metrics

8.8 HIGH CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC — CISA Coordinator

Exploitation: none
Automatable: no
Tech. Impact: total

Affected products (1)

Vendor	Product	Platform	Versions
https://wpreviewslider.com/	WP Review Slider Pro	—	0 ≤ 12.6.8

Weakness (CWE)

CWE	Source	Description
CWE-89	cna	CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS scores (1)

Score	Severity	Version	Source	Vector
8.8	HIGH	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References (2)