Product
A critical SQL Injection vulnerability, identified as CVE-2026-15300, was found in the GEO my WP plugin for WordPress, affecting versions up to and including 4.5.4, allowing attackers to inject SQL payloads through the 'distance', 'lat', and 'lng' parameters, leading to potential data compromise or denial of service.