Product
The WP Business Intelligence Lite plugin for WordPress contains an authorization bypass vulnerability (CVE-2026-15293) affecting all versions up to and including 3.2.0, allowing authenticated attackers with Subscriber-level access or higher to modify stored SQL queries which can lead to arbitrary SQL execution and privilege escalation when an administrator views the modified query.