CVE-2026-56062
published 2026-06-26CVE-2026-56062: Unauthenticated SQL Injection in Quotes llama <= 3.1.5 versions.
PriorityP264critical9.3CVSS 3.1
AVNACLPRNUINSCCHINAL
EPSS
0.24%
14.5th percentile
Unauthenticated SQL Injection in Quotes llama <= 3.1.5 versions.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oooorgle | quotes_llama | n/a – 3.1.5 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
oooorgle Quotes llama Plugin up to 3.1.5 on WordPress sql injection (EUVD-2026-39716)
vuldb·2026-06-28·CVSS 9.3
CVE-2026-56062 [CRITICAL] oooorgle Quotes llama Plugin up to 3.1.5 on WordPress sql injection (EUVD-2026-39716)
A vulnerability, which was classified as critical, has been found in oooorgle Quotes llama Plugin up to 3.1.5 on WordPress. The impacted element is an unknown function. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2026-56062. It is possible to initiate the attack remotely. There is no exploit available.
GHSA
Unauthenticated SQL Injection in Quotes llama <= 3.1.5 versions.
ghsa_unreviewed·2026-06-26
CVE-2026-56062 [CRITICAL] CWE-89 Unauthenticated SQL Injection in Quotes llama <= 3.1.5 versions.
Unauthenticated SQL Injection in Quotes llama <= 3.1.5 versions.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-26
Published